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CLEAR  CHOICE  TEsQ 
DESKTOP-AS  A-SERVICE  (ff^AS) 


Consider  desktops  in  | 
the  cloud  for  BYOD  i 


Five  DaaS  vendors  deliver  Windows 
desktops  to  any  end  user  device. 
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Focus  on  ‘mobility’ 
as  wireless  evolves 


BY  JOHN  COX 

CISCO’S  WIRELESS  Network¬ 
ing  Business  Unit  doesn’t  actu¬ 
ally  talk  so  much  about  wireless 
networking  these  days. 

IT  is  no  longer  focused  on 
replacing  wired  connections 
with  wireless  so  workers  can 
carry  their  corporate  laptop  to 
the  conference  room.  The  real 
question  has  become:  What 
can  they,  and  the  company, 
and  the  company’s  customers, 
now  do  once  they’ve  made  that 
replacement? 

“Connecting  a  device  to  my 
corporate  network  is  just  step 
one.  The  question  is:  What 
happens  after  that?”says  Sujai 
Hajela,  vice  president/general 
manager  of  Cisco’s  Wireless 

►  See  Cisco, page  12 


M  CONNECTING 
A  DEVICE  TO 
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SUJAI  HAJELA,  CISCO 
VP/GM  OF  WIRELESS 


SPECIAL  FOCUS 

Social  media  brings  business, 
but  complicates  security 

BYELLENMESSMER 

SOCIAL  MEDIA  —  Facebook,  Twitter,  Linkedln,  Google+ 
and  so  forth  —  has  become  a  way  of  life  for  companies  and 
their  employees  to  interact  with  the  public,  but  beating  back 
the  fraudsters  that  try  to  prey  on  customers,  not  to  mention 
keeping  employees  from  spilling  sensitive  data,  is  becoming 
a  full-time  job  for  many  in  IT. 

“We  do  a  lot  of  social  media,  it’s  actually  an  important 
part  of  our  business,”  says  Yaron  Baitch,  director  of  infor¬ 
mation  technology  and  security  at  Bob’s  Stores,  the  apparel 
retailer  in  the  Northeast  region  which  counts  about  1,500 
employees.  The  store  chain  uses  its  Facebook  site  and  Twit¬ 
ter  for  continuous  interaction  with  the  public. 

►  See  Social,  page  32 
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jday's  businesses  require  highly  virtualized  and  services-on-demand  environments.  And  that’s  causing  the  network  as  we  have 
nown  it  to  undergo  a  dramatic  change.  Brocade  is  leading  this  transformation  with  cloud-optimized  networks  that  simplify 
if  restructure,  increase  efficiency,  and  provide  scalability  so  you  can  deliver  applications,  services,  and  virtualized  desktops 
nywhere  on  ie  network,  securely  and  without  interruption.  Soon,  we’ll  even  be  able  to  do  the  same  with  your  entire  data 
enter.  The  future  is  built  in.  Brocade  has  over  25  combined  years  in  building  data  center  networking  and  Ethernet  fabric 
Khnology.  Learn  why  90  percent  of  the  Global  1000  and  two-thirds  of  the  world’s  Internet  exchanges  rely  on  Brocade  at 


“I’M  TRYING  TO  FIND 
THE  DNA  EQUIVALENT 
OF  A  NEEDLE  IN  A 
HAYSTACK.  LET’S  GET 


SERIOUS!’ 


JIM  HARDING 

CEO,  CODONIS 


CODONIS  CHOSE  NEW.  When  bioscience  pioneer 
Codonis  set  out  to  unlock  the  secrets  of  the  human 
genome,  they  didn’t  turn  to  just  any  data  center 
They  chose  New  Network  Platform  Architecture  from 
Juniper  Networks,  juniper.net/choosenew 
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FROM  THE  EDITOR  |  JOHN  DIX 

A  software-controlled 
world:  The  look  ahead 


The  Interop  show  in  Las  Vegas  is  always  a  good 
bellwether  for  enterprise  technology  trends,  and 
perhaps  the  most  striking  thing  about  the  recent 
show  was  how  little  the  term 
“network  fabric”  came  up. 

As  Network  BhrM  blogger  Jon  Oltsik, 
a  principal  analyst  at  the  Enterprise 
Strategy  Group,  said  in  a  post,  “Everyone  was  talking 
about  data  center  fabrics  last  year  —  TRILL,  SPB, 

QFabric,  FabricPath,  etc.  This  year  however,  hardly  a 
word  was  spoken.” 

The  buzz  instead  was  about  software-defined 
networks,  decoupling  the  network  control  plane  from 
the  data  plane  and  using  the  OpenFlow  protocol  to  give  servers,  which  inherit 
network  control,  access  to  devices  such  as  switches  and  routers. 

Driving  the  interest?  While  virtualization  has  made  it  possible  to  create  VMs  in 
minutes,  the  network  changes  required  can  take  days  because  they  involve  mul¬ 
tiple  people  and  multiple  tools  to  update  port  groups,  change  virtual  router  set¬ 
tings,  update  firewalls,  take  care  of  management  tools,  etc.  Offloading  that  control 
to  servers  will  simplify  and  speed  the  process,  making  it  possible  for  changes  to  be 
propagated  across  multiple  tiers  of  infrastructure  in  one  fell  swoop. 

It  is  still  early,  and  attendees  at  the  show  flocked  to  educational  sessions  on  SDN 
and  OpenFlow  looking  to  learn  more.  This  isn’t  to  say  the  network  fabric  discus¬ 
sion  is  over;  it  has  just  been  eclipsed. 

One  of  the  other  overarching  themes  at  the  show,  as  you  would  expect,  was  cloud 
computing.  In  fact,  SDN  and  cloud  are  all  part  and  parcel  of  the  same  movement 
toward  software-controlled  everything.  Many  Interop  speakers,  in  fact,  were  using 
the  term  “software-defined  data  center”  as  a  description  of  an  emerging  future  state, 
presumably  ultra  elastic  environments  that  can  morph  to  meet  shifting  demands. 

He  may  not  be  there  quite  yet,  but  Zynga  CTO  of  Infrastructure  Allan  Leinwand 
used  his  keynote  address  to  describe  his  amazingly  flexible  cloud  environment. 

Zynga,  the  company  that  produces  “FarmVille”  and  other  popular  online  games, 
has  experienced  tremendous  growth,  at  one  point  scaling  servers  100:1  year  over 
year.  It  couldn’t  keep  up  with  that  in  the  early  days  so  turned  to  a  cloud  supplier  mid- 
2009.  But  by  the  beginning  of  2011  the  company  realized  it  wanted  to  own  the  core 
and  just  rent  capacity  to  accommodate  the  spikes,  so  it  set  out  to  build  a  private  cloud. 

Six  months  after  a  proof  of  concept,  Zynga’s  zCloud  was  in  full  production,  and 
by  the  end  of  the  year  it  was  supporting  80%  of  the  company’s  compute  load.  The 
most  fascinating  nugget:  Zynga  was  able  to  support  on  one  highly  tuned  zCloud 
server  the  loads  from  three  public  cloud  servers.  Today  Zynga  operates  what  Lein¬ 
wand  says  is  the  largest  hybrid  cloud  in  the  world. 

All  the  virtual  pieces  are  aligning  nicely,  and  it  isn’t  unreasonable  to  expect  that 
software-defined  data  centers  will  be  within  reach  by  the  end  of  the  decade. 
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Security  technology  trends 

©  FORRESTER  IS  MOSTLY  on  the  money, 
except  for  the  “predictive  threat  modeling” 
bit.  In  order  to  adequately  protect  critical 
data  and  services  (applications),  detec¬ 
tion  technologies  must  be  more  behavior- 
anomaly  based;  that  requires  more  of  the 
normal  (expected)  behavior  modeling 
than  “threat”  modeling  (Re:  Forrester 
outlines  5  rising,  5  declining  security 
technologies”;  tinyurl.com/covusxp). 

Furthermore,  risk  management 
must  take  more  of  a  security  ecosystem 
approach  as  opposed  to  the  largely  siloed 
approach  so  far.  I  know  the  last  part  is 
hard  to  do,  but  who  could  say  that  secu¬ 
rity  is  easy 

Fengmin  Gong 

Android  vs.  iPhone 

©THANKS  FORA  decent  article.  I  have 
the  following  short  comments  (“Re:  How 
to  make  Android  faster,  more  productive 
and  more  secure  than  iPhone”;  tinyurl. 
com/c2w7sgl): 

1.  Regarding  keyboards:  surprised  that 
you  didn’t  mention  SwiftKey,  which  I 
personally  prefer  to  Swype. 

2.  My  screen  protector  does  not  seem 
to  leave  any  “pattern”  that  would  make 
it  easy  for  a  thief  to  discover  my  pattern- 
unlock.  And  of  course,  you  usually  unlock 
the  phone  to  tap  and  move  your  finger 
otherwise  on  the  screen, 

to  actually  do  things, 
not  just  unlock  for 
unlocking’s-sake.  So 
you  would  probably 
“overwrite”  some  of 
the  oils  on  the  screen 
and  make  it  difficult  to 
determine  your  unlock 
pattern  in  very  short 
order. 

PJ 

©ANDROID  NEEDS  TO  - 

be  revamped  so  that 
permissions  can  be  selectively  allowed 
or  denied  for  each  app  by  the  end  user, 
and  provide  a  clearer  explanation  of  why 
it  needs  each  permission,  rather  than 
the  current  all-or-nothing  nebulously- 
described  permissions  model.  This  would 
help  defuse  the  rather  accurate  statement 
but  dismal  security  mindset  of  “permis¬ 
sions  that  everyone  just  ignores.” 

Rick762 


We  aren’t 
seeing  many 
organizations 

make  any  formal 
policies  to  address 
BYOD  trends. 


What  BYOD  policy? 

©  I  WOULD  RESPOND  to  the  article  title 
with  another  question:  “What  BYOD 
policy?”  (Re:  “Is  your  BYOD  policy  out  of 
date?”;  tinyurl.com/c3dlrfr.) 

We  touch  dozens  of  IT  teams  weekly 
and  we  aren’t  seeing  many  organizations 
make  any  formal  policies  to  address 
BYOD  and  consumerization  trends.  But 
to  the  point  of  the  article,  should  they 
have  policies?  Certainly.  Should  they  be 
updated  regularly?  Definitely. 

Aaron  Suzuki 

Voice  calls'  days  are  numbered 

©AN  APPOSITE  MOMENT  for  this  article 
(Re:  “SMS  a  killer  app  at  20;  irrelevant  at 
25?”;  page  16). 

The  bell  will  toll  sooner  or  later  for  voice 
calls  as  well,  if  only  because  phone  users 
will  prefer  to  buy  a  data  plan  that  includes 
everything  over  having  to  juggle  guessti¬ 
mates  between  how  much  data  and  how 
much  voice  time  they  plan  to  consume. 
VoIP  is  a  more-than-mature  technology. 

Martin  Turner 

IT  talent:  People,  not  resources 

©TECH  MANAGERS  ALWAYS  look  to  their 
vendors  for  guidance  as  to  what  to  do 
for  their  tech  people.  Vendors,  after  all, 
compete  for  similar  skills  in  techs  since 
they  build  and  sometimes  even  use  the 
products  and  tools  the 
client  tech  managers 
deal  with  on  a  daily 
basis  (Re:  “Tech  manag¬ 
ers  aren’t  developing  IT 
talent”;  page  16). 

When  vendors  like 
IBM  have  been  treating 
their  tech  skills  assets 
like  dirt  and  call  them 
“resources,”  is  it  a 
surprise  that  the  client 
managers  of  those 

_  same  skills  don’t  do  the 

same  thing? 

Until  the  hypocrisy  of  calling  tech 
people  vital  but  treating  them  like 
“human  resources”  ends  we  will  continue 
to  have  this  management  problem.  If  and 
when  the  economy  turns  around,  the  new 
rising  young  generation  of  cynical  and 
self-centered  tech  employees  which  these 
management  practices  have  created  will 
come  to  roost  to  American  business. 

Darth  Voder 
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Building  the  engines  of  a  Smarter  Planet: 

Cyber  crime  is  inevitable. 

Becoming  a  victim  isn’t. 

On  a  smarter  planet,  midsize  businesses  are  more  intelligent  and  interconnected  than  ever  before.  Rapidly  emerging 
technologies  are  helping  businesses  innovate,  yet  these  technologies  also  present  their  own  risks.  With  record  levels 
of  security  breaches  reported  in  all  industries— across  the  globe— antivirus  measures  and  firewalls  simply  can’t  provide 
sufficient  protection  against  ever-evolving  cyber  threats.  IBM  Hosted  Vulnerability  Management  Service  (VMS)  is  not  like 
other  security  solutions.  It  uses  the  same  methods  that  a  hacker  would  to  identify  your  company’s  security  risks  and  then 
outlines  specific  step-by-step  solutions.  Benefits  of  VMS  include: 


Identifying  risks  before  hackers  do. 

IBM  VMS  remotely  scans  your  IT  infrastructure  on  a 
regular  basis,  pointing  out  potential  threats  and  outlining 
the  appropriate  solutions. 


Security  that  evolves  with  your  company. 

IBM  manages  VMS  through  the  cloud.  So  as  your 
company’s  workloads  become  more  complex,  VMS 
updates  automatically  and  requires  minimal  resources 
in  terms  of  staff,  hardware  and  software. 


4 


Providing  the  confidence  to 
drive  your  business  forward. 

As  your  midsize  business  continues  to  leverage 
new  technology,  VMS  can  help  protect  your  IT 
infrastructure  from  ever-evolving  cyber  threats. 


To  receive  a  free  security  scan  for  your  company1 
and  find  the  right  IBM  Business  Partner,  call 

1-877-IBM-ACCESS  or  visit  ibm.com/engines/vms 


IBM  Hosted  Vulnerability  Management  Service 

Starting  at 


1,025 


per  month 


for  unlimited  scanning  of  up  to  49  Web 
applications  or  IP  addresses. 


Midsize  businesses  are  the  engines  of  a  Smarter  Planet. 
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'Offer  valid  one  per  company  and  ends  12/31/11.  Prices  are  current  as  of  08/05/11,  valid  in  the  U.S.  only,  and  subject  to  change  without  notice.  Offerings  are  subject  to  change,  extension  or  withdrawal  without  notice. 
Please  contact  your  IBM  authorized  Business  Partner  or  IBM  representative  for  more  information.  All  rights  reserved.  IBM,  the  IBM  logo,  ibm.com,  Smarter  Planet  and  the  planet  icon  are  trademarks  of  International 
Business  Machines  Corp,  registered  in  many  jurisdictions  worldwide.  Other  product  and  service  names  might  be  trademarks  of  IBM  or  other  companies.  A  current  list  of  IBM  trademarks  is  available  on  the  Web  at 
www.ibm.com/legal/copytrade.shtml.  ©  International  Business  Machines  Corporation  2011. 
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Utah  CTO  falls  on  his  sword 
for  data  breach 


THE  EXECUTIVE  DIRECTOR  of  Utah’s  Department  of  Technology 
Services,  Stephen  Fletcher  (left),  has  resigned  over  a  data  breach  that 
exposed  the  Social  Security  numbers  and  other  personal  data  of  about 
280,000  Medicaid  recipients.  Hackers,  believed  to  be  operating  out  of 
Eastern  Europe,  broke  into  a  Medicaid  server  at  the  Utah  Department  of 
Health  on  March  30  by  exploiting  a  default  password  on  the  user  authen¬ 
tication  layer  of  the  system,  bypassing  multiple  network,  perimeter  and 
application  level  security  controls.  In  a  statement,  Utah  Gov.  Gary  Herbert  described  various 
initiatives  underway  that  aim  to  mitigate  the  risk  of  similar  breaches,  including  an  independent 


^  **rtcan  Registry  for  Intern* 


U 

1 


"WING  WITH 

manage  in 

'IMBERpf 


ST  VIDEO 

Videos  from 
Interop  2012 

Catch  up  on  what’s  going 
on  with  IPv6,  Wi-Fi  and 
other  networking  issues 
with  video  interviews  from 
Interop  2012. 
tinyurl.com/7jz3nnp 
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is  targeted  at  mobile  profession¬ 
als  such  as  contractors  or  insur¬ 
ance  agents  who  need  mobile 
printers  as  they  move  between 
locations,  said  Eric  Killian,  a 
product  manager  for  printing  at 
HP.  tinyurl.com/77joboq 


audit  of  all  IT  security  systems,  the  appointment  of  a  new  health  data  security  ombudsman,  and  a 
continuing  investigation  of  the  breach  by  law  enforcement  personnel.  “The  people  of  Utah  rightly 
believe  that  their  government  will  protect  them,  their  families  and  their  personal  data.  As  a  state 
government,  we  failed  to  honor  that  commitment,”  Herbert  said,  tinyurl.com/7fa8twh 


Mozilla  set  to 
take  on  Apple 
App  Store,  Google 
Play  Store 
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MOZILLA’S  ONLINE  app  store 
is  set  to  move  to  a  public  beta 
stage  in  a  couple  of  weeks.  The 
browser-accessible  Mozilla 
Marketplace  will  feature  apps 
built  using  Web  development 
technologies,  including:  HTML5 
for  structure;  Cascading  Style 
Sheets  for  layout,  visual  aesthet¬ 
ics,  and  visual  behaviors;  and 
JavaScript  for  logical  imple¬ 
mentation.  Mozilla  Marketplace 
will  offer  developers  hundreds 
of  millions  of  more  users  than 
the  rival  Apple  App  Store  and 
Google  Play  Store,  says  Mozilla’s 
Joe  Stagner.  It  also  will  feature 
a  liberal  application  submis¬ 
sion  process.  “There’s  a  very 
quick  screening  process,”  with 
restrictions  on  illegal  software, 
pornography,  and  software  that 
infringes  copyrights  or  trade¬ 
marks,  Stagner  said.  tinyurl. 
com/74tjnme 


Ethernet 
switching  gets 
specialized 

FROM  2003  to 2008 growth 
in  the  Ethernet  switch  market 
occurred  across  all  segments  — 
low-end  unmanaged  switches, 
mid-range  fixed  PoE  devices 
and  high-end  modular  systems 
—  but  since  2010  it  has  been  all 
about  the  data  center,  according 
to  market  researcher  Dell’Oro 
Group.  With  the  migration 
toward  10  Gigabit  Ethernet  for 
server  access,  vendors  are  com¬ 
ing  out  with  unique  products 
optimized  for  those,  and  other 
specific  deployments.  “Manu¬ 
facturers  can  no  longer  develop 
a  switch  for  one  customer 
deployment  location 
and  modify  it  into  a  second 
location  and  expect  suc¬ 
cess,”  the  firm  states,  tinyurl. 
com/84zvvo2 


Don't  forget  to 
pack  your  printer 

ROAD  WARRIORS  who  need 
mobile  printing  access  are  the 
target  of  HP’s  new  portable 
printer,  which  the  company 


claims  is  the  world’s  first  multi¬ 
function  device  that  can  “print, 
copy  and  scan  on  the  go.”  At  6.8 
pounds,  the  OfficeJet  150  Mobile 
All-in-One  portable  printer  is 
lighter  than  stationary  inkjets 
but  feels  as  bulky  as  a  high-end 
gaming  laptop.  The  $399  printer 
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Benny  Kirsh 

VICE  PRESIDENT  AND  CIO, 
INFOBLOX,  INC. 

Benny  Kirsh,  vice-president 
and  CIO  of  Infobiox,  previ¬ 
ously  held  several  Executive 
CIO  positions  and  was  directly 
responsible  for  the  success¬ 
ful  implementation  of  major 
transformation  projects.  As 
CIO  of  The  Cooper  Companies, 
he  led  a  team  of  IT  profession¬ 
als  and  was  responsible  for 
all  Global  IT  strategic  planning 
and  execution.  Prior  to  that,  he 
was  the  first  CIO  at  Kyphon, 
where  he  was  responsible  for 
building  a  growth-focused  IT 
foundation. 


FOR  MORE  INFORMATION  On 

leveraging  IT  automation  to  gain 
faster  time  to  value,  check  out  the 
Webcast  "The  CIO's  view:  Time 
to  Value  through  Automation" 
at  www.networkworld.com/ 
webcasts/infobloxvalue 
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The  CIO's  View:  Delivering 
Time  to  Value  Through  Automation 


In  August  2011,  Benny  Kirsh  was  named  VP 
and  CIO  at  Infobiox,  an  industry-leading  de¬ 
veloper  of  network  infrastructure  automation 
and  control  solutions.  With  more  than  25  years 
of  experience,  Kirsh  is  responsible  for  driving 
strategic  advancements  via  the  company’s  IT 
infrastructure  and  applications.  Now  more 
than  ever  before,  IT  professionals  like  him 
are  being  asked  to  deliver  strategic  value  by 
responding  quickly  to  dramatically  chang¬ 
ing  business  demands.  But  in  today’s  tight 
economy,  they  must  do  so  with  flat  budgets 
and  staffing  levels.  IDG  recently  sat  down  with 
Kirsh,  who  explained  how  corporations  can 
meet  those  conflicting  business  imperatives. 

Time  to  Value  has  become  a  catchphrase  in 
IT  today.  What  does  the  term  mean  to  you? 

Traditionally,  IT  has  enabled  companies  to 
change  the  way  they  do  business.  Invest¬ 
ments  in  IT  were  high,  with  cutting  costs  and 
a  positive  ROI  as  the  main  objectives.  Now, 


They  expect  the  same  level  of  responsiveness 
from  IT.  Second,  technology  is  becoming 
more  complex,  so  we  must  constantly  sim¬ 
plify  the  management  of  our  systems.  Third, 
because  of  changing  business  needs,  IT  is 
required  to  do  more  with  less.  And  finally,  we 
are  expected  to  provide  a  high  level  of  quality 
solutions  fast  enough  to  support  new  business 
initiatives.  Balancing  all  these  different  drivers 
requires  us  to  be  more  creative  and  innovative. 

How  is  automation  beneficial  in  improving 
your  ability  to  deliver  Time  to  value? 

Automation  speeds  up  Time  to  Value.  The 
biggest  benefit  is  to  the  network.  Infoblox’s  so¬ 
lution  successfully  reduced  the  complexity  of 
our  network  and  consolidated  all  the  informa¬ 
tion  gathered  from  different  network  devices 
and  different  vendors  onto  one  pane  of  glass 
for  our  network  engineers  to  work  with.  In  the 
past,  experienced  network  engineers  had  to 
perform  routine,  time-consuming  mainte- 


“Automation  is  key  to  realizing  faster  Time  to  Value  ” 


the  focus  is  on  getting  projects  done  faster, 
meaning  shortening  lead  times  and  respond¬ 
ing  to  changing  business  needs  speedily.  With 
businesses  promoting  themselves  in  dynamic 
ways,  IT  has  to  be  agile  enough  to  accom¬ 
modate  rapid  changes.  In  the  past,  a  rollout 
of  solutions  was  a  periodic  event  with  long 
lead  times.  Today,  public  and  private  clouds 
and  the  consumerizahon  of  IT  have  changed 
expectations.  So  for  us  CIOs,  Time  to  Value 
means  rolling  out  systems  and  new  solutions 
faster  with  shorter  lead  times  —  while  remain¬ 
ing  focused  on  cutting  costs.  As  a  business 
partner,  IT  has  to  understand  the  needs  of  the 
business  and  stay  ahead  of  the  curve,  intro¬ 
ducing  new  technology  as  needed  and  being  a 
catalyst  for  change  within  the  corporation. 

As  a  CIO,  what  are  the  challenges  you  face 
in  delivering  Time  to  Value? 

The  four  challenges  are  quite  clear.  First,  busi¬ 
ness  units’  expectations  are  increasing.  During 
lunch,  employees  download  an  app  from  the 
cloud  for  $50,  and  they  are  up  and  running. 


nance  activities,  such  as  upgrades  or  bug  fix¬ 
ing.  Increased  automation  lets  us  hand  these 
tasks  to  our  junior  engineers  and/or  the  IT 
support  group,  freeing  up  senior  staff  to  work 
on  more  strategic  initiatives.  That  drives  costs 
down  and  delivers  a  better  Time  to  Value. 

Please  tell  us  about  your  experience  imple¬ 
menting  automation  at  Infobiox. 

By  embracing  the  private  cloud  for  speedy 
deployment  of  computer  power,  we  are  pro¬ 
viding  the  Engineering  department  with  the 
capability  of  self-provisioning  virtual  servers 
without  IT  involvement.  Using  the  private 
cloud  in  IT,  we  recently  deployed  a  new  re¬ 
porting  tool  that  would  previously  have  taken 
weeks.  Now,  thanks  to  virtualization  and 
the  automated  provisioning  of  IP  addresses 
provided  by  the  Infobiox  solution,  it  took  just 
days.  The  move  from  manual  processes  to 
self-provisioning  has  enabled  the  IT  team  to 
support  our  organization’s  changing  business 
requirements.  Automation  is  key  to  realizing 
faster  Time  to  Value. 
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Geena  Davis:  From  “Beetlejuice” 
to  world  telecom  honoree 


CRISTINA 
FERNANDEZ  DE 
CHNER 


ACTRESS  GEENA 

Davis,  President  of 
Argentina  Cristina 
Fernandez  de  Kirchner 
and  Huawei  Chairman 
Sun  Yafang  have  been 
named  winners  of  the 
2012  ITU  World  Tele¬ 
communication 
and  Information  Soci¬ 
ety  Award  for  their 
efforts  promoting 
information  and 
communica¬ 
tions  technol¬ 
ogy  to  empower 
women  and  girls.  The  Academy  Award-winning  Davis 
is  founder  of  the  nonprofit  Geena  Davis  Institute  on 
Gender  in  Media. 


Goodbye  grandfathered 
unlimited  data  plans 

VERIZON,  CONTINUING  its  purge  of 
unlimited  data  plans,  has  announced  that 
even  those  with  grandfathered  plans  will 
need  to  move  to  tiered  offerings  if  they 
want  to  stick  with  Verizon  upon  upgrad¬ 
ing  to  4G  LTE  phones.  CFO  Fran  Shammo, 
speaking  at  an  investors'  conference, 
said  the  policy  change  will  take  place 
once  Verizon  starts  offering  shared 
data  plans,  probably  by  mid-summer.  “So  as 
you  come  through  an  upgrade  cycle  and  you 
upgrade,  in  the  future,  you  will  have  to  go  onto 
the  data  share  plan,”  Shammo  said. 


Will  there  be  light  at  the  end 
of  tunnel  for  LightSquared? 


LIGHTSQUARED  FILED  for  Chapter  11  bankruptcy 
protection  last  week,  declaring  assets  of  $4.48  billion 
and  debts  of  $2.29  billion.  LightSquared  wanted  to 
run  an  LTE  mobile  broadband  network  using  frequen¬ 
cies  next  to  those  used  by  GPS,  but  was  shot  down 
by  the  government  after  a  determination  that  the 
network  would  interfere  with  GPS.  Philip  Falcone, 
whose  Harbinger  Capital  Partners  owns  most  of 
LightSquared,  said  declaring  bankruptcy  will  give  the 
company  more  time  to  gain  regulatory  approval  for 
its  network.  In  its  bankruptcy  filing  on  Monday, 
the  company  acknowledged  that  getting  per¬ 
mission  to  build  its  network  may  take  two  years, 
a  prediction  some  observers  say  is  optimistic. 


Angry  Birds 
tops  companies' 
app  blacklist 

IT  SEEMS  thatyourboss 
doesn’t  want  you  to  launch 
digital  birds  at  evil  green  pigs 
during  office  hours.  Research 
released  by  mobile  device 
management  firm  Zenprise 
found  that  Angry  Birds  was 
the  most-blacklisted  applica¬ 
tion  among  users  enrolled  in  its 
Zencloud  MDM  service.  Other 
mobile  apps  that  companies 
block  at  work  include  Face- 
book,  Google  Play,  Dropbox, 
YouTube  and  Skype,  Zenprise 
found.  Interestingly,  Zenprise 
also  found  that  Skype  was  the 
most  whitelisted  app  among  its 
customers,  thus  making  it  the 
top  app  to  appear  on  compa¬ 
nies’  blacklists  and  whitelists. 
tinyurl.com/708usba 


Software  piracy 
tab  surpasses 
$63  billion 

FOUR  OUT  of  every  10 
programs  used  in  the  world 


are  pirated  or  unlicensed, 
resulting  in  $63  billion  a  year 
in  lost  revenue,  the  Business 
Software  Alliance  estimates  in 
its  annual  survey.  The  worst 
offending  market,  China, 
has  topped  the  list  since  the 
organization  started  its  survey 
in  2007.  China  has  a  piracy 
rate  of  77%.  Other  developing 
countries,  such  as  Venezu¬ 
ela  (88%),  Indonesia  (86%), 
and  Argentina  (69%)  scored 
poorly.  By  contrast,  the  world’s 
largest  software  market,  the 
U.S.,  had  a  rate  of  19%.  tinyurl. 
com/7zv8xnv 

Juniper  to  license 
Radware  tech 
for  data  center? 

JUNIPER  NETWORKS  is  said  to 
be  negotiating  a  deal  to  license 
with  Radware’s  application 
delivery  controller  technology. 
According  to  investment  firm 
Oppenheimer  &  Co.,  Juniper 
would  integrate  the  Radware 
ADC  with  its  QFabric  data 
center  switch  architecture. 
Oppenheimer  believes  the  deal 
to  be  worth  $70  million  to  $100 
million  over  three  to  five  years. 
“We  believe  Juniper  has  been 
looking  for  some  time  to  build 
an  eco-system  around  its  data 
center  architecture,  the  QFabric, 
and  Radware  would  offer  a  key 
building  block  with  its  ADC 
engine,”  says  Oppenheimer 
analyst  Ittai  Kidron.  Specific 
details  of  the  possible  arrange¬ 
ment  are  still  limited,  tinyurl. 
com/cmfAbca 
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Change  hardware  configurations  in  real  time 
to  meet  your  business  needs. 

Control  costs  with  pay-per-configuration 
and  hourly  billing 

Up  to  6  Cores,  24  GB  RAM,  800  GB  storage 

2000  GB  of  traffic  included  free 

Parallels®  Plesk  Panel  10  for 
unlimited  domains,  reseller  ready. 


NEW:  Monitor  and  manage  your 
cloud  server  through  1&1  mobile 
apps  for  Android™  and  iPhone®. 
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1&1  DYNAMIC  CLOUD  SERVER 

Starting  at 
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Set-up  fee  of  S49  applies.  Base  configuration  includes  1  core,  1  GB  Ram,  100  GB  Storage.  Other  terms  and  conditions  may  apply.  Visitwww.1and1.com  for  full  promotional  offer  details. 
Program  and  pricing  specifications  and  availability  subject  to  change  without  notice.  1&1  and  the  1&1  logo  are  trademarks  of  1&1  Internet,  all  other  trademarks  are  the  property  of  their 
respective  owners.  ©  2012 1&1  Internet.  All  rights  reserved.  ,  ,  ,  ; 
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The  top  5  enterprise  Wi-Fi  vendors 

Percentage  share  of  total  worldwide  revenues  for  enterprise-class 
WLAN  equipment 


Vendor 

2009 

2010 

2011 

Growth 

2010-11 

Cisco 

52.0% 

53.3% 

50.2% 

21.8% 

Aruba 

8.1% 

9.1% 

11.5% 

63.6% 

HP 

7.1% 

6.4% 

6.2% 

34.2% 

Motorola  Sltns. 

6.7% 

6.4% 

6.2% 

25.0% 

Meru* 

3.1% 

2.7% 

2.5% 

15.5% 

*IN  2011.  RUCKUS  WIRELESS  BECAME  NO.  5  IN  TERMS  OF  REVENUE,  WITH  MARKETSHARE  OF  3.6%.  AND  2010-11  GROWTH  OF  80.9%. 
SOURCE:  IDC 


►  Cisco ,  from  page  1 

Networking  Business  Unit,  who  spoke  with 
Network  World  last  week  regarding  Cisco’s 
announcement  of  three  new  pretested  bun¬ 
dles  of  products  and  services  designed  to  cut 
through  the  confusing  complexity  of  enter¬ 
prise  mobility. 

The  new  Smart  Solutions  packages  are  by 
themselves  not  exactly  new;  they’re  formed  of 
existing  Cisco  hardware  and  software,  third- 
party  partnerships,  and  consulting  services 
from  Cisco  or  its  partners.  But  Cisco  says  they 
represent  a  shift  in  the  company’s  thinking 
about  how  to  deploy  mobile  technology  for 
businesses.  Instead  of  a  grab  bag  of  separate 
products,  the  new  approach  sees  mobility,  in 
effect,  as  a  whole  that’s  greater  than  the  sum 
of  its  many  parts,  including  devices,  operat¬ 
ing  systems,  apps,  Wi-Fi  access  points,  VPNs, 
authentication  and  security.  The  overarch¬ 
ing  enterprise  benefit,  according  to  Cisco,  is 
summed  up  in  a  new  term;  "Cisco  Unified 
Workspace.” 

“Enterprises  are  looking  at  the  next  genera¬ 
tion  of  users  coming  into  their  ranks,”  says 
Tim  Zimmerman,  principal  analyst  for  net¬ 
work  services  and  infrastructure  with  mar¬ 
ket  watcher  Gartner.  “Most  of  them  don’t  even 
know  what  an  RJ-45  plug  is.  The  iPad  doesn’t 
even  have  one.  There’s  a  presumption  of  wire¬ 
less  connectivity  [being  available  anywhere, 
anytime].  That  puts  more  responsibility  on 
IT  organizations  to  manage  that.” 

Cisco’s  main  challenge  in  the  enterprise 
market,  he  says,  is  execution  and  optimiza¬ 
tion  —  in  effect,  turning  PowerPoint  slides  of 
talking  points  into  concrete  capabilities  that 
enterprises  buy  into  and  then  buy  to  mobilize 
business. 

Cisco  still  dominates  the  enterprise  wire¬ 
less  LAN  landscape,  but  its  dominance  is 
less  complete  than  it  was  a  few  years  ago.  By 
revenues,  Cisco’s  share  of  the  total  worldwide 
market  for  enterprise  WLAN  equipment  is 
now  about  50%,  down  from  the  more  than 
60%  it  commanded  for  years,  according  to 
IDC.  Its  nearest  rival,  publicly  held  Aruba 
Networks,  finally  broke  into  a  double-digit 
share  of  global  revenues  only  last  year,  cap¬ 
turing  11.5%  according  to  IDC. 

Cisco  continues  to  invest  heavily  in  radio 
frequency  technologies,  leveraging  its  own 


WIRELESS  IN  THE 
J  ENTERPRISE 

Subscribe  to  our  free  newsletter: 
www.nwdocfinder.com/1028 


Wi-Fi  chip  designs  with  Cisco-developed,  on- 
chip  code  to  boost  signal  reliability  and  con¬ 
sistency,  and  throughput.  The  focus  is  less 
on  raw  chip-level  data  rates,  though  that’s 
important,  and  more  on  optimizing  the  con¬ 
nection  to  provide  the  reliability,  security  and 
throughput  of  a  wired  Ethernet  link. 

Cisco’s  Hajela,  who  formerly  ran  Motoro¬ 
la’s  WLAN  group  and  came  over  to  his  cur¬ 
rent  job  at  Cisco  in  August  2011,  sometimes 
sounds  like  a  network  version  of  Dr.  Phil. 
“More  and  more  of  our  messaging  is  about 
customer  ‘care-abouts,’”  he  says  at  one  point. 
And  at  another  point,  “The  end  user  is  looking 
for  an  uncompromised  experience,  regard¬ 
less  of  the  network”  connectivity. 

These  bromides  actually  mean  something, 
and  Hajela  becomes  specific  and  insistent 
when  pressed.  “The  network  doesn’t  matter 
to  the  user,”  he  says.  “What  he  wants  is  to  be 
able  to  use  his  app  wherever  he  is.” 

And  that  use  must  be  optimal.  “If  my  device 
and  my  network  connection  supports  high- 
def  video,  then  I  should  get  high-def  video,” 
he  says.  “And  if  I’m  using  a  smartphone,  I 
should  get  optimal  battery  life.  These  things 
should  be  handled  by  intelligence  placed  in 
the  network.” 

Cisco’s  job  is  to  cram  more  and  more  intelli¬ 
gence  into  the  networks  and  applications  and 
infrastructure  that  supports  the  enterprise’s 
mobile  users  and  mobile  business. 

“What’s  really  resonating  with  enterprise 
IT  is  this:  The  system  looks  at  who  the  user 
is,  and  what  he’s  trying  to  do,  rather  than  how 
he’s  connecting”  by  wire  or  wireless,  Hajela 
says. 

Cisco’s  Identity  Services  Engine  (ISE)  is 
a  key  part  of  this  approach,  identifying  and 
authenticating  users  regardless  of  how  they 
connect,  and  adjusting  their  access  and 


security  privileges  based  on  variables  such 
as  their  location,  connectivity  and  time  of  day. 

Tightly  integrated  with  ISE  is  Cisco  Prime 
Network  Control  System  (NCS),  which 
replaced  the  stand-alone  Wireless  Control 
System  management  application  for  Cisco 
WLANs,  and  creates  a  single  console  for  man¬ 
aging  both  wired  and  wireless. 

The  need  for  such  an  approach  “just  plain 
makes  sense,”  Network  World  wireless  blogger 
Craig  Mathias  commented  in  a  post  about 
NCS.  “Along  with  [unified]  security  and  integ¬ 
rity  comes  a  fundamental  need  to  handle  the 
ever-increasing  capacity  demanded  by  an 
ever-growing  population  of  wireless  users 
with  equally  demanding  applications,”  he 
wrote.  “A  single-pane  management  console 
adds  convenience,  lowers  cost  (Cisco  points 
out  that  generalists  with  the  right  tools  can  be 
just  as  productive  as  more-expensive  special¬ 
ists),  and  just  plain  makes  sense ...” 

Cisco  isn’t  the  only  WLAN  supplier  tak¬ 
ing  this  unifying  or  converging  approach,  as 
Gartner’s  Zimmerman  points  out.  “We  see 
this  in  HP,  in  Aruba,  which  is  now  offering  a 
[LAN]  switch  [introduced  a  year  ago]  along 
with  end-to-end,  multivendor  support,”  he 
says.  “Vendors  are  addressing  the  multiple 
elements  within  this  infrastructure  layer.” 

The  reality  is  that  Cisco  faces  a  rapidly 
changing  enterprise  mobile  environment, 
and  enterprise  customers  have  plenty 
of  options.  Earlier  this  month,  Aruba 
announced  that  Texas  A&M  University,  a 
major  Cisco  shop,  is  replacing  its  existing 
Cisco  WLAN  with  Aruba’s  products,  after 
extensive  testing.  The  school  will  eventu¬ 
ally  install  6,000  to  7,000  Aruba  802.11n 
access  points,  along  with  Aruba’s  AirWave 
wired/wireless  network  management 
application.  ■ 
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How  to  avoid  five  email  management  mistakes 


BYSUSANPERSCHKE 

EMAIL  MANAGERS  have  a  lot  at  stake.  After  all,  the  volume  of  global  electronic  messages  sent 
via  email  dwarfs  all  other  forms  of  electronic  communication,  including  social  networking.  Since 
the  inception  of  electronic  mail,  which,  according  to  some  Internet  historians,  can  be  traced  to  a 
small  mainframe  app  called  MAILBOX  from  the  mid-1960s,  human-to-human  messages  have 
been  created,  transmitted  and  stored  in  electronic  format.  But  early  email  administrators  could 
hardly  have  envisioned  the  complexity  of  current  email  infrastructure  and  the  concomitant  maze 
of  technical,  security,  business  and  regulatory  challenges. 

Here  are  five  common  mistakes  made  by  email  managers,  and  how  to  avoid  them  by  devel¬ 
oping  and  implementing  your  own  action  plan. 


Mistake  1 

Pigeonholing  email  as 
just  an  IT  function 

Business  managers  know 
they  have  a  working  mail 
server  and  trusted  indi¬ 
viduals  to  maintain  it. 

Box  checked  —  or  is  it? 

The  mail  administra¬ 
tor  on  the  IT  side  is  _ 

charged  with  keeping  the 
mail  server  operational,  performing  backups, 
patching  servers,  supporting  users  and  all 
the  other  technical  and  security  details  that 
attach  to  mail  server  administration. 

But  these  functions  represent  just  one  of 
the  many  elements  necessary  to  achieve  fully 
effective  email  management. 

Corporate  espionage  is  on  the  rise.  Accord¬ 
ing  to  a  recent  report  by  the  U.S.  Office  of  the 
National  Counterintelligence  Executive,  “The 
pace  of  foreign  economic  collection  and  indus¬ 
trial  espionage  activities  against  major  U.S. 
corporations  and  U.S.  government  agencies 
is  accelerating.”  Email  has  been  identified  as 
a  primary  means  of  leaking  corporate  secrets. 

In  a  relatively  small  number  of  cases,  secu¬ 
rity  breaches  are  intentionally  committed  by 
individuals  with  malicious  intent,  but  dev¬ 
astating  security  leaks  can  also  occur  quite 
innocently  in  organizations  where  policies, 
procedures  and  defense  mechanisms  are 
weak  or  nonexistent. 

Despite  the  fact  that  high-profile  data 
thefts  are  made  public  almost  daily,  research 
shows  that  many  email  managers  do  not  have 
adequate  measures  in  place  to  protect  against 
“exfiltration”  of  sensitive  data.  In  a  recent  eMe- 
dia  survey  commissioned  by  Mimecast,  a  stag¬ 
gering  94%  of  network  managers  said  they 
had  no  mechanisms  in  place  to  prevent  con¬ 
fidential  information  leaving  their  network. 
Clearly  there  is  a  greater  need  for  vigilance. 

As  it  pertains  to  email,  data-loss  preven¬ 
tion  (DLP)  can  be  accomplished  by  inspecting 
and  analyzing  outbound  email  traffic  (data  in 


motion)  through  a  variety  of  hardware  and 
software-based  technology  solutions,  com¬ 
bined  with  non-technology-based  DLP  poli¬ 
cies.  Several  DLP  solutions  are  built  to  extend 
common  firewall  platforms.  A  good  DLP 
solution  can  also  address  regulatory 
compliance  as  an  added  bonus. 

The  takeaway  here  is  that  a 
two-pronged  effort  —  setting 
"  and  maintaining  corporatewide 
data-loss  prevention  policies  and 
deploying  DLP  mechanisms  —  is  a  must. 

ACTION  PLAN 

1.  Email  policy  administration  should  have 
buy-in  from  top  management  and  be  enforced 
at  all  levels. 

2.  Research,  then  implement  appropriate 
companywide  DLP. 

3.  Create  and  enforce  “acceptable  use”  poli¬ 
cies.  For  example,  spell  out  whether  users  can 
check  their  personal  email  using  work  com¬ 
puters  and  whether  they  can  use  their  work 
email  for  personal  online  business. 

4.  Educate  employees  and  make  sure  they 
understand  that  compliance  with  email  poli¬ 
cies  is  mandatory. 

Mistake  2 

Complacency  with  regard  to 
spam  and  phishing 

Fifteen  years  ago,  a  single  individual  dubbed 
the  Spam  King  easily  made  $20,000  per  day 
in  what  is  still  considered  by  many  to  be  the 
world’s  largest  spam  operation.  Robert  Solo- 
way,  who  was  eventually  jailed  for  violating 
anti-spam  laws,  freely  admits  that  making 
money  on  spam  these  days  is  a  losing  busi¬ 
ness  proposition. 

Indeed,  technology  advances,  coupled 
with  more  aggressive  anti-spam  legislation, 
have  made  significant  inroads  in  the  battle 
to  control  spam  and  phishing,  but  the  fight  is 
far  from  over.  A  random  daily  sampling  from 
mail  preprocessor  MailArmory  in  April  still 
reported  spam  as  comprising  87.2%  of  its  pre- 
processed  email  traffic.  But  the  preprocessed 


spam  mercifully  no  longer  lands  in  the  user’s 
email  account.  The  captured  messages  can  be 
reviewed  and  released  from  the  MailArmory 
server,  or  simply  ignored,  in  which  case  the 
suspect  emails  will  be  deleted. 

On  another  anti-spam,  anti-phishing  front, 
industry  titans  including  Google,  Microsoft, 
PayPal,  Bank  of  America  and  Facebook, 
just  to  name  a  few,  recently  collaborated  to 
support  DMARC  (Domain-based  Message 
Authentication,  Reporting  &  Conformance). 

The  new  DMARC  specification  is  a  prom¬ 
ising  step  in  the  right  direction  that  uses 
existing  technology  such  as  Sender  Policy 
Framework  (SPF)  and  DomainKeys  Identi¬ 
fied  Mail  (DKIM)  to  combat  spam  and  phish¬ 
ing  messages.  In  short,  it  provides  a  way  for 
email  senders  to  inform  receivers  that  their 
emails  are  protected  by  SPF/DKIM  and  the 
receivers  can  in  turn  authenticate  messages 
based  on  whether  a  message  is  aligned  with 
what  the  receiver  knows  about  the  sender.  If 
this  standard  becomes  widely  implemented  it 
should  make  it  more  difficult  for  third-party 
spammers  to  spoof  messages  and  have  them 
delivered  to  end  users. 

Agari,  an  early  developer  and  provider 
of  DMARC  services,  currently  processes 
more  than  1.5  billion  messages  per  day  using 
DMARC.  Agari  CEO  and  Founder  Patrick 
Peterson  says  that  cleartext  messaging,  which 
is  how  the  vast  majority  of  email  is  still  trans¬ 
mitted,  is  “profoundly  insecure.”  However,  in 
the  grand  scheme  of  things,  it  actually  poses 
a  much  smaller  risk  than  alternative  attack 
methodologies  currently  in  use,  such  as 
advanced  persistent  threats  (APT). 

End-to-end  email  secured  communica¬ 
tion  via  SSL  or  TLS,  the  putative  solution 
to  cleartext  transmission,  is  fraught  with 
practical  snares,  “ft  takes  two  to  tango,”  says 
Peterson,  who  noted  that  less  than  one-tenth 
of  1%  of  emails  are  currently  transmitted  over 
secure  channels.  Peterson  says  end-to-end  is 
primarily  used  by  governmental  agencies 
and  healthcare  providers,  who  are  required 
by  law  to  secure  their  communications. 

Another  method  for  fighting  spam/phish¬ 
ing  is  hardware-based.  David  Cahill,  infor¬ 
mation  security  officer  at  Irish  mortgage 
lender  EBS,  says  his  company  needed  to  cen¬ 
trally  manage  email  security  for  more  than 
1,100  employees  and  chose  an  appliance 
partly  because  of  the  ease  of  migrating  it  into 
the  company’s  existing  email  infrastructure 
and  also  the  product’s  centralized  manage¬ 
ment  framework. 

Regardless  of  the  technology  used  to 
combat  spam/phishing,  it  is  still  nearly 
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The  key  regulations 


Regulation 

Email  Implication 

General  Applicability 

HIPAA 

Health  Insurance  Portability  and 
Accountability  Act  (1996;  email 
provisions  took  effect  in  2003) 

•  Protect  patient  information 

•  Email  retention 

Anyone  dealing  with  patient 
information  such  as  healthcare 
providers,  medical  billing 
and  insurance  companies 

SOX 

Sarbanes-OxleyAct 

(2002) 

•  Provide  audit  trails 

•  Ensure  emails  originate 
from  a  specific  person 

•  Email  retention 

•  Confidentiality  requirements 

Public  company  boards, 
management  and  accounting  firms 

GLB 

Gramm-Leach-Bliley  Act 
(1999) 

•  Protect  customers’  financial  data 

•  Regulate  opt-out  and 
privacy  policies 

•  Mandate  that  organizations 
maintain  security  programs 

Banks,  securities  companies, 
insurance  companies 

PCI-DSS 

Payment  Card  Industry  Data 

Security  Standard  (2010) 

•  Secure  and  protect  customer  data 

•  Encrypt  data  transmissions 

Organizations  that  handle 
card  information  for  major 
debit/credit/ATM  cards 

NASD  and  SEC  regulations 

•  Email  retention 

Regulated  financial 
services  organizations 

NYSE  regulations 

•  Email  retention 

•  Content  security 

Companies  listed  on  the 

NYSE  stock  exchange 

impossible  to  prevent  at  least  some  spam 
from  arriving  at  the  user’s  inbox.  Phishing 
emails  have  reached  such  a  degree  of  sophisti¬ 
cation  that  in  some  cases  they  can  deliver  mal¬ 
ware  just  by  being  opened,  even  without  the 
recipient  clicking  on  anythingin  the  contents. 

ACTION  PLAN 

1.  Reduce  spam  and  phishing  messages  by 
implementing  preprocessing  technologies 
suitable  for  your  organization. 

2.  Make  sure  your  email  policy  clearly 
advises  employees  on  what  steps  to  take  when 
encountering  suspicious  emails. 

Mistake  3 

Failing  to  consider  business-critical 
factors  when  trusting  email  to  the  cloud 

Many  cloud  providers  can  help  companies 
offload  the  resource-intensive  job  of  email 
management.  But  organizations  need  to  fully 
understand  the  impact. 

Technically,  the  steps  can  be  straightfor¬ 
ward.  It  only  takes  moments  to  redirect  MX 
records.  But  approached  too  hastily,  the  expe¬ 
diency  of  the  cloud  may  have  a  downside. 
There  are  other  important  considerations 
email  managers  need  to  take  into  account 
before  trusting  such  a  vital  business  function 
to  a  third  party. 

ACTION  PLAN 

1.  Understand  your  cloud  provider’s  service- 
level  agreement  (SLA)  and  make  sure  both 
your  organization  and  the  provider  have  a 
Plan  B  in  case  of  a  service  outage. 

2.  Make  sure  the  host  provides  reliable 
backups  and  that  you  have  adequate  access/ 
control  to  data  needed  to  meet  your  organiza¬ 
tion’s  data  retention  and  regulatory  compli¬ 
ance  requirements. 

3.  Ensure  that  the  host  has  adequate  safe¬ 
guards  in  place  to  ensure  DLP. 

4.  Perform  the  necessary  due  diligence  to  be 
able  to  place  full  trust  and  confidence  in  the 
provider. 

5.  Get  legal  advice  to  analyze  impact  on  trade 
secrets  or  other  confidential  intellectual  prop¬ 
erty  when  email  is  entrusted  to  a  third  party. 

Mistake  4 

Not  protecting  failover  servers 

Most  email  administrators  are  cognizant  of 
the  core  requirements  for  operating  a  fault- 
tolerant  mail  server,  including  the  need  for 
one  or  more  “failover”  servers.  Specified 
with  secondary  DNS  MX  records,  a  failover 
server  is  designated  to  handle  email  traffic 
in  the  event  the  primary  server  fails,  until 
the  primary  server  is  brought  back  online. 


Unfortunately,  in  some  organizations  the 
backup  servers  may  not  be  up  to  par  with  the 
primary  email  server  in  terms  of  security  fea¬ 
tures  and  outbound  policy  enforcement. 

Given  the  seemingly  interminable  num¬ 
ber  of  steps  required  to  configure  and  secure 
a  highly  available  email  server,  ongoing 
maintenance,  etc.,  it  is  easy  to  understand 
why  the  seldom-used  backup  server  may 
not  command  the  same  attention  to  detail  as 
the  primary  email  server.  However,  hackers 
and  spammers  also  understand  this  weak¬ 
ness,  and  may  use  it  to  bypass  the  main  email 
server  altogether,  carrying  out  their  exploits 
instead  on  more  easily  compromised  backup 
servers.  These  “end-run”  attacks  may  also 
evade  detection  if  the  backup  mail  servers  are 
not  actively  monitored. 

ACTION  PLAN 

1.  Make  sure  your  secondary  mail  servers 
are  as  secure  and  up  to  date  as  your  primary; 
patch  and  update  them  as  if  they  were  pro¬ 
duction  servers. 

2.  Set  up  monitoring  devices  to  automatically 
recognize  and  monitor  the  failover  server 
when  it  is  brought  online  without  manual 
intervention. 

Note:  In  what  is  becoming  a  more  common¬ 
place  practice,  to  reduce  the  risks  of  vulner¬ 
able  backup  servers,  some  email  providers  do 
not  use  “hot  secondaries,”  but  instead  utilize 
offline  mail  servers  that  can  be  promoted  in  the 


case  of  failure  of  the  primary.  This  reduces  the 
attack  surface,  but  requires  a  rapid  response  if 
the  main  email  host  goes  down. 

Mistake  5 

Failure  to  plan  for  IPv6 

At  this  point,  virtually  no  one  actively 
involved  in  IT  can  credibly  claim  not  to  have 
seen  the  buzz  about  IPv6. 

Even  if  your  organization  doesn’t  contem¬ 
plate  migrating  to  IPv6  for  Web  hosting  and 
email,  IPv6  migrations  are  happening  every¬ 
where  and  at  some  point  in  the  near  future 
your  ISP  will  probably  become  IPv6  capable. 
This  fact  alone  means  your  IPv4-only  infra¬ 
structure  could  be  found  wanting,  and  may 
provide  spammers  and  hackers  the  perfect 
route  to  the  heart  of  your  email  server  and 
beyond. 

ACTION  PLAN 

1.  Develop  a  plan  for  IPv6  in  general  and  IPv6 
impact  on  email  specifically. 

2.  Update  outmoded  IPv4-only  routers  and 
switches  that  cannot  perform  deep-packet 
inspection  of  IPv6  traffic.  ■ 

Perschke  is  CSO  for  Arc  Seven  Technology. 
She  is  also  an  experienced  technical  writer, 
and  has  written  numerous  white  papers  for  a 
number  of  organizations,  including  Fortune 
500  companies.  Susan  can  be  reached  at 
susan@arcseven.com. 
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SMS  a  killer  app  at  20;  irrelevant  at  25? 


THE  FIRST  SMS-capable  mobile  phones 
were  approved  for  sale  in  Europe  20  years 
ago  this  month.  By  any  measure,  SMS  has 
become  a  huge  success,  at  least  for  the  telephone  companies,  with  more 
than  6  trillion  SMS  messages  sent  worldwide  in  2010,  generating  more 
than  $110  billion  in  revenue.  But  the  future  may  not  be  anywhere  near 
as  bright  because  of  increasing  use  of  “free”  Internet-based  services 
such  as  Facebook,  Apple’s  Message  and  WhatsApp.com. 

SMS  is  a  great  deal  for  telephone  companies.  It  costs  almost  nothing 
to  transport  an  SMS  message,  yet  the  global  average  price  for  a  message 
is  11  cents.  Verizon  lists  its  price  as  40  cents  (20  cents  for  you  to  send 
a  message  and  20  cents  for  your  friend  to  receive  the  same  message). 
And  this  is  essentially  pure  profit.  A  great  deal  for  the  telephone  car¬ 
riers  and  an  example  of  the  lack  of  real  competition,  since  real  compe¬ 
tition  would  drive  the  price  of  a  service  that  costs  almost  nothing  to 
provide  very  low  indeed. 

It  is  not  quite  as  exploitive  as  it  might  appear  since  60%  or  so  of  U.S. 
wireless  customers  now  have  flat  rate,  and  frequently  unlimited,  SMS 
packages  as  part  of  their  wireless  contracts  rather  than  paying  per 
message.  Some  carriers,  such  as  Verizon,  have  been  limiting  their  low- 
cost  and  limited  SMS  service  offerings,  thus  raising  the  basic  revenue 
they  can  expect  from  the  average  customer. 

But  the  relentless  march  of  technology  is  beginning  to  impact  this 
stream  of  money.  More  smartphone  owners  are  using  social  media 
sites  such  as  Facebook  to  communicate  with  their  friends  instead  of 
SMS.  Some  are  doing  so  to  save  money  because  there  is  no  per-message 
charge  for  updating  your  Facebook  page.  But  most  are  likely  making 
the  switch  because  they  already  use  Facebook  as  their  primary  way  to 
let  their  friends  know  what  is  going  on. 

There  is  a  new  class  of  application  directed  at  people  who  actually 


do  want  to  save  money.  WhatsApp  and,  separately,  Apple’s  Message 
are  examples.  They  also  demonstrate  the  advantages  and  limitations 
of  this  approach.  The  biggest  advantage  is  that  they  ride  on  top  of 
the  smartphone  Internet  data  service  and  are  not  charged  on  a  per- 
message  basis.  The  biggest  limitation  is  that  the  vendors  have  not  yet 
adopted  a  common  standard,  so  you  can  only  send  messages  to  people 
who  have  the  same  application. 

It  is  fundamentally  irrational  to  have  a  per-message  charge  for  an 
Internet-based  service  —  very  advantageous  for  a  carrier  that  could 
get  away  with  it,  but  technically  irrational  in  a  network  such  as  the 
Internet  where  the  incremental  cost  of  an  additional  packet  is  infini¬ 
tesimally  small. 

This  irrationality  is  already  catching  up  to  some  telephone  carriers. 
For  example,  Swisscom’s  SMS  revenue  dropped  28%  in  the  first  quar¬ 
ter  of  2012,  presumably  because  of  users  switching  to  Internet-based 
messaging  services  in  order  to  save  money. 

The  use  of  flat-rate  unlimited  SMS  plans  are  likely  to  delay  the  inevi¬ 
table  for  a  while  but,  even  with  such  plans,  why  spend  $240  per  year 
(for  Verizon)  to  use  a  function  that  is  enabled  for  no  extra  cost  by  your 
basic  data  plan  and  will  never  generate  enough  traffic  to  kick  you  into 
a  higher  data  bracket?  SMS  fees  will  soon  be  just  another  tax  on  the 
clueless  and  the  telephone  company’s  only  hope  is  that  the  clueless 
don’t  talk  to  the  cluefull. 

Disclaimer:  Harvard  likes  to  think  that  it  is  a  place  where  the  cluefull 
talk  with  the  cluefull.  If  that  is  true,  then  the  above  would  not  apply, 
thus  please  assume  that  the  above  exploration  into  telephone  company 
irrationality  is  my  own.  ■ 

Bradner  is  Harvard  University's  technology  security  officer.  He  can  be 
reached  at  sob@sobco.com. 


Tech  managers  aren’t  developing  IT  talent 


BY  ANN  BEDN A R Z 

TECH  MANAGERS  need  to  do  a  better  job 
developing  talent,  IT  pros  say.  There’s  too 
much  judgment  and  not  enough  instruction, 
according  to  new  poll  data  from  Dice.com. 

The  IT  careers  site  asked  about  the  rela¬ 
tionship  between  managers  and  their  tech 
staff,  and  unsurprisingly,  most  poll-takers 
rated  it  a  very  important  (59%)  or  somewhat 
important  (23%)  factor  in  the  decision  to  stay 
at  their  current  firm  or  look  for  a  new  job.  Just 
6%  said  the  manager-staff  relationship  isn’t 
an  important  factor  in  the  decision  to  stay  at 
a  job,  and  another  6%  went  a  step  further  and 
said  it’s  not  a  factor  at  all.  (The  remaining  6% 
of  respondents  are  either  between  jobs  or  are 
the  boss.) 

In  addition  to  influencing  an  employee’s 
job  search  decisions,  an  IT  boss  has  the  power 
to  influence  a  company’s  reputation  and  its 
ability  to  recruit  tech  talent,  says  Tom  Silver, 
senior  vice  president.  North  America,  at  Dice. 
“Yet,  when  it  comes  to  developing  talent,  tech 
managers  are  not  making  the  grade,"  Silver 


noted  in  a  report  released  this  month. 

A  majority  of  IT  professionals  judge  their 
current  managers  as  graders  (61%)  vs.  teach¬ 
ers  (26%),  but  it’s  more  important  to  create  a 
nurturing  workplace  than  a  pass/fail  depart¬ 
ment,  Silver  said. 

“There  will  always  be  a  need  for  some  grad¬ 
ing,  but  the  emphasis  should  be  on  teaching. 
Tech  professionals  do  their  best  work  when 
it’s  a  safe  environment  to  try  new  solutions, 
explore  alternatives  and  fail,”  he  said.  “Over 
time,  wisdom  gained  equals  fewer  mistakes, 
cutting  quickly  to  the  best  solution  and 
increasing  production.  That’s  a  pretty  good 
payback.” 

If  tech  employees  don’t  feel  valued,  they’re 
going  to  jump  ship.  Turnover  has  fallen  below 
average  for  41  months  in  a  row,  according  to 
the  U.S.  Bureau  of  Labor  Statistics,  but  tech 
managers  can’t  count  on  a  struggling  econ¬ 
omy  and  tight  job  market  to  keep  their  depart¬ 
ments  staffed.  Good  talent  will  flee,  Silver  said. 

“Frankly,  companies  haven’t  felt  the 
repercussions  of  subpar  workplaces  in  the 
last  three  years.  But,  the  gap  between  the 


importance  of  the  employee-manager  rela¬ 
tionship  and  the  way  it’s  developing  is  unac¬ 
ceptable.  Both  sides  need  to  remember  this  is 
a  lasting  connection  and  one  worth  the  effort.” 

As  of  May  1,  Dice.com  lists  84,911  avail¬ 
able  tech  jobs  on  its  site.  The  top  tech  metro 
areas,  based  on  the  number  of  open  jobs 
compared  to  a  year  ago,  are:  New  York/New 
Jersey  (9,005  jobs,  up  1%),  Washington,  D.C./ 
Baltimore  (8,063  jobs,  up  10%),  Silicon  Val¬ 
ley  (5,620  jobs,  up  21%),  Chicago  (3,731  jobs, 
up  10%),  Boston  (3,290  jobs,  up  15%),  Los 
Angeles  (3,267  jobs,  up  5%),  Dallas  (3,237 jobs, 
up  24%),  Atlanta  (3,196  jobs,  up  17%),  Seattle 
(2,993  jobs,  up  23%)  and  Philadelphia  (2,379 
jobs,  up  7%).  ■ 


©  IT  Roadmap  Denver  is  the  one  day. 
cost  free,  professional-level  confer¬ 
ence  and  expo  that's  full  of  job-ready 
solutions  you  can  put  to  work  now. 
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Linked  FBI 

NETWORKWORLD 


Network  World's  forum  on  Linkedln  is  the  place  for 
network  and  IT  professionals  to  offer  each  other  advice 
and  discuss  the  networking  news  of  the  day.  Network 
World  editors  are  on  hand  to  ensure  that  the  group 
remains  free  of  spam  and  vendor  spin,  and  to  give  their 
take  on  what's  important  in  networking.  Occasionally, 
they'll  poll  the  group  on  controversial  issues  and  you 
can  make  your  voice  heard. 

Ask  a  question.  Post  a  job  listing.  Connect  with 
peers.  Join  Today! 


www.networkworld.com/linkedin 
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TOOLS 

An  OS  for  the  home  and 
cool  Kickstarter  projects 


This  week  we  start  with  something  that 
has  both  intrigued  and  amused  me:  Micro¬ 
soft  Research  has  a  new  operating  system 
in  the  works  targeted  at  home  automation 
called,  with  glaring  dullness,  HomeOS. 


Microsoft  says,  “To  simplify  the  man¬ 
agement  of  technology  and  to  simplify  the 
development  of  applications  in  the  home, 
we  are  developing  an  ‘operating  system’  for 
the  home.  HomeOS  provides  a  centralized, 
holistic  control  of  devices  in  the  home.  It  pro¬ 
vides  to  users  intuitive  controls  to  manage 
their  devices.  It  provides  to  developers  high- 
level  abstractions  to  orchestrate  the  devices 


still,  “ho-moes.” 

So,  I  have  two 
Kickstarter  projects 
that  you  should 
look  into.  The 


Mark  Gibbs'  Gearhead 


in  the  home.  HomeOS  is  coupled  with  a 
HomeStore  through  which  users  can  easily 
add/obtain  applications  that  are  compatible 
with  devices  in  their  homes  and  obtain  any 
additional  devices  that  are  needed  to  enable 
desired  applications.” 

What  intrigued  me  about  this  project  is 
Microsoft  is  surprisingly  late  to  a  market 
that  has  yet  to  really  take  off.  Perhaps  Micro¬ 
soft  thinks  it  can  give  it  a  push  start. 

But  I  am  also  amused  by  the  name.  Run¬ 
ning  the  operating 
system  name  past 
various  friends,  they 
either  pronounced  it 
“ho-me-oss”  or,  worse 


first  is  the  HAND  Stylus,  which  looks  like 
it  will  be  the  capacitative  stylus  I’ve  wanted 
since  I  first  got  an  iPad.  The  problem  with 
the  current  styli  I’ve  tried,  is  they  feel  more 
like  using  a  banana  than  a  pen.  Styli  such 
as  the  TenOne  Pogo  Sketch  Plus  ($15)  are 
OK  for  some  purposes  (painting  apps  and 
simple  graphics),  but  they  feel  nothing  like  a 
regular  pen  on  regular  paper. 

With  a  4mm  tip  (roughly  30%  smaller  than 
any  other  stylus  I’ve  tried)  the  HAND  Stylus 
promises  to  be  a  vast  improvement  over  other 
designs.  The  HAND  Stylus  also  looks  great, 
rather  like  my  favorite  mechanical  pencils 
made  by  Rotring  (I  studied  architecture  back 
in,  oh,  the  Pleistocene  era,  and  Rotring  was 
the  Rolls-Royce  of  drafting  pencils). 

As  with  other  Kickstarter  startups,  you 
can  support  this  project  for  as  little  as  $1. 
Actually,  even  if  you  don’t  personally  get 

involved,  the  HAND  Stylus  project 
will  happen  because,  as  of  this 
writing,  over  1,800  backers  have 
committed  more  than  $74,000 
($25,000  was  the  original  goal) 
and  there’s  still  more  than  30  days 
until  the  project’s  funding  date 
of  June  17.  Can  you  say  “pent-up 
demand”? 

The  other  Kickstarter  project 
of  note  is  Wovyn,  started  by  my 
old  friend  Scott  Lemon  (who  I’ve 
known  since  our  Novell  days  25 
years  ago!).  This  project  is  actually 
related,  potentially,  to  Microsoft’s 
HomeOS,  in  that  it  enables  the 
connection  of  the  real  world  with 
the  online  world. 


Wovyn  is  an  “Internet  of  Things”  concept 
and  consists  of  a  gateway  device  that  com¬ 
municates  wirelessly  with  a  large  range  of 
sensor  types  (30  different  types  are  either 
ready  or  in  development,  including  sensors 
for  temperature,  humidity,  magnetic,  light 
and  acceleration).  The  gateways  communi¬ 
cate  with  networks  either  over  Wi-Fi  or  via 
a  Windows,  Linux  or  Mac  computer  using  a 
USB  connection. 

The  idea  is  that  you’ll 
be  able  to  “scatter  wire¬ 
less  sensors  all  over  your 
home  or  business ...  or  even 
outdoors.”  The  project  sug¬ 
gests,  “If  you  want  to  know 
if  your  freezer  door  is  open 
OR  your  basement  is  flood¬ 
ing  OR  if  your  front  door 
just  opened,  that’s  THREE 
SEPARATE SENSORS - 
Wovyn  allows  you  to  do  all 
that  for  under  $200!” 

What  can  be  done  with  the  sensor  data? 

The  project  explains,  “we  let  you  create  rules 
of  what  you  want  Wovyn  to  do  when  it  senses 
different  things.  Sure,  we  can  do  Email,  SMS, 
Twitter  and  Facebook,  but  we  also  allow  you 
to  connect  to  several  of  the  top  Internet  data 
services  like  Pachube  (now  Cosm),  Sen.se, 
ThingSpeak,  and  Kynetx  with  a  few  clicks 
on  our  portal!  Simple! . . .  and  this  is  where  it 
really  gets  good ...  we  provide  full  support  for 
REST/WebHooks,  EventedAPI,  and  MQTT 
so  that  you  can  point  Wovyn  and  your  sensor 
data  at  your  own  software ...  or  at  software 
that  we  haven’t  even  thought  of  yet!” 

Wovyn’s  Kickstarter  fund  raising  ends 
June  24  and  so  far  45  backers  have  pledged 
almost  $8,800  toward  the  goal  of  $100,000 
with  less  than  40  days  to  go.  This  project 
looks  promising  and  hopefully  folks  with  far 
deeper  pockets  than  mine  get  involved.  ■ 

Gibbs  keeps  his  ear  to  the  ground  in 
Ventura,  Calif.  Tell  him  what  you  hear  at 
gearhead@gibbs.com  and  follow  him  on 
Twitter  (@quistuipater)  and  on  Facebook 
(quistuipater). 


Wovyn  consists  of  a 
gateway  device  that 
talks  with  a  large  range 
of  sensor  types. 
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GADGETS 

Enhance  your  videos  with 
handy  time-lapse  camera 


Keith  Shaw’s 
Cool  Tools 


i 

I 


TLC200 

time-lapse 


camera 


by  Brinno,  about  $200 
(available  at  smartecstore.com) 


►  What  it  is:  About  the  size  of  a  Cisco  Flip 
portable  camera,  the  Brinno  TLC200  lets 
you  take  time-lapse  and  stop-motion  videos 
(stop-motion  with  the  help  of  an  optional 
shutter  accessory)  quickly  and  easily. 

At  the  press  of  a  button,  you  can  begin 
recording  video  at  set  time  intervals  (for 
example,  two  seconds,  three  seconds,  five 
seconds,  one  minute),  and  then  press 
again  to  stop.  The  camera  is  powered 
by  four  AA  batteries,  and  comes  with  a 
2GB  SD  memory  card.  It  can  record  to 
AVI  movie  or  .jpeg  photo  format, 
with  1280-by-720-pixel 
resolution  (720p) 
or  640-by- 
480-pixel  resolu¬ 
tion  (480p). 

Settings  on  the 
camera  let  you 
adjust  the  interval 
at  which  the  camera 
records,  as  well  as  adjust  for 
low  light,  frame  rate  and  whether 
you  want  a  timestamp  on  the  video. 

The  timestamp  setting  is  nice  if  you 
want  to  use  the  camera  for  security 
footage  purposes.  The  camera  can  be 
mounted  on  a  monopod  or  tripod  in 
case  you  want  to  create  long-lasting 
time-lapse  videos,  and  the  camera 
lens  can  rotate  vertically  if  you  want 
to  record  the  sky.  The  camera  comes  in 
two  different  color  options:  blue/black 
or  green/white. 


►  Why  it’s  cool:  The  ease  with  which 
you  can  create  time-lapse  videos  make 
this  camera  a  must-buy.  Other  cameras 
and  camcorders  may  have  time-lapse 
functionality,  but  it’s  usually  hidden 
within  their  other  features.  In  addition. 


►  Grade  (out  of  five) 


Shaw  can  be  reached  at  kshaw@nww. 


com. 


you  can  record  a  segment  and  then  condense 
the  video  in  video  editing  software,  but  the 
results  aren’t  as  smooth  as  what  you  get  with 
this  camera. 

When  I  used  this  camera,  I  was  able  to  get 
lots  of  time-lapse  videos  at  a  trade  show  for 
use  as  B-roll  footage,  and  I  could  also  create 
quick-and-fun  music  videos  (for  example, 

I  placed  the  camera  on  my  car’s  dashboard 
and  recorded  a  trip  to  the  grocery  store 
and  back,  and  then  added  a  soundtrack  via 
YouTube).  With  the  optional  ShutterLine 
accessory  ($20,  model  ATSIOO),  I  could  use 

the  camera  to 


create  stop-motion  animations.  If  you  have 
the  patience  for  such  an  endeavor  —  you 
still  have  to  move  your  objects  by  hand 
—  this  camera  can  help  you  achieve  your 
animation  goals  quite  nicely. 

Video  enthusiasts  will  appreciate  having 
this  camera  in  their  arsenal  for  creating 
additional  footage  quickly  and  easily.  The 
more  you  play  with  the  device,  the  more 
ideas  you  end  up  getting  on  creating  time- 
lapse  or  stop-motion  footage. 


►  Some  caveats:  The  software  on  the  cam¬ 
era  could  be  improved  to  let  you  view  your 
footage  on  the  camera  instead  of  transfer¬ 
ring  the  files  to  a  computer  for  viewing.  To 
save  battery  life,  the  image  on  the  screen 
goes  away  when  you’re  recording,  so  it 
was  hard  to  tell  after  a  recording  session 
whether  I  succeeded  or  failed  until  I 
checked  the  footage  on  my  computer.  In 
addition,  the  instructions  have  some 
language  translation  issues  —  Brinno  is 
a  Taiwan-based  company  and  some  of 
the  instructions  are  confusing. 
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EXPERTS 
FACE  OFF 
on  the 
HOTTEST 
TOPICS 
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iOS  vs.  Android  in  the  enterprise 

We  turned  to  a  company,  MEDL  Mobile  Inc.,  which  develops  mobile  apps  for  both  platforms,  to  get  opposing  views  on 
these  popular  platforms.  (For  more  information  about  MEDL  Mobile  please  visit  http://www.medlmobile.com.) 


IT  DEPARTMENTS,  WHICH  NEED  TO  bal¬ 
ance  security  with  the  desires  and 
needs  of  corporate  users,  have  been 
debating  the  merits  and  drawbacks 
of  iOS  ever  since  the  iPhone  launched 
(or  rather,  since  executives  started 
buying  them  and  demanding  access 
to  corporate  infrastructure). 

At  the  time,  BlackBerry  devices 
were  most  commonly  used  for  cor¬ 
porate  use  —  they  supported  email 
and  light  Web  browsing,  and  had  a 
number  of  security  options. 

Today,  iOS  answers  those  enter¬ 
prise  needs  and  a  few  more  that 
the  BlackBerry  and  even  Android- 
compatible  devices  do  not.  After  all, 
business  users  are  looking  for  a  lot 
more  than  simple  email.  They  want 
access  to  social  networks,  they  want  to  be  able  to  read  and  partici¬ 
pate  in  different  online  discussions,  they  want  to  be  able  to  use 
custom  applications  created  for  their  workplace,  and  they  want 
to  access  enterprise-level  applications  like  SAP  Crystal  Reports 
and  Salesforce.com. 

No  other  existing  mobile  platform,  including  Android,  can 
accommodate  everything  iOS  can. 

For  business  owners,  iOS  delivers: 

*  Email:  iOS  supports  Microsoft  Exchange 
accounts,  and  also  supports  ActiveSync,  which 
allows  contacts,  calendars  and  email  hosted  on 
existing  enterprise  Exchange  servers  to  be  pushed 
to  any  iOS  devices. 

■  Documents:  Email  attachments  with  Excel 
spreadsheets,  PowerPoint  presentations  and 
Word  documents  can  be  easily  viewed  without 
having  to  download  any  additional  software. 

Apple’s  iWork  suite  supports  document  editing, 
which  also  can  be  exported  into  Microsoft  formats. 

From  an  IT  perspective,  iOS  offers: 

■  Security:  iOS  apps  are  restricted  from  accessing 
data  from  other  apps,  which  guards  against  mali¬ 
cious  third-party  apps  accessing  sensitive  corporate 
data.  Devices  can  also  be  remotely  locked  (or  even 
wiped)  if  lost  or  stolen  using  mobile  device  man¬ 
agement.  Additional  security  measures  allow  the 

►  See  iOS,  page  22 


ANDROID  OUTSHINES  IOS  IN  THE  enter¬ 
prise  for  a  variety  of  reasons,  chief 
among  them  being  the  fact  that  it  is 
an  object-oriented  architecture  based 
on  the  mature  Java  language.  Being 
open  source,  developers  around 
the  world  are  contributing  to  and 
improving  Android  every  day.  That 
helps  account  for  Android’s  stag¬ 
gering  market  share.  Even  though 
Android  is  a  relative  newcomer,  it 
already  has  half  of  the  market  for 
mobile  devices,  while  Apple  has 
slipped  down  to  a  30%  share. 

Java’s  portability  also  means  the 
Android  framework  can  be  run 
on  a  range  of  hardware,  including 
devices  from  Samsung,  LG,  Motor¬ 
ola  and  HTC,  and  can  be  picked  up 
by  any  hot  newcomers.  That  means  Android  is  not  limited  to  a 
single  mobile  phone,  tablet  and  music  player  and,  what’s  more, 
can  be  integrated  with  embedded  hardware  such  as  monitoring 
equipment,  automated  processes,  robotics,  etc. 

The  Java  language  is  mature  and  well  documented,  and  much 
of  the  functionality  of  this  robust  language  has  been  ported  to  the 
Android  framework.  This  allows  developers  to  easily  find  APIs  for 
their  specific  needs.  From  creating  a  custom  bitmap 
to  leveraging  helper  functions,  Java  allows  for  a 
smoother  experience  for  developers  and  engineers. 

The  Java  language’s  maturity  also  means  there 
are  many  talented  Java  developers  who  are  work¬ 
ing  toward  Android’s  success,  versus  the  few 
Objective-C  developers  who  can  only  develop  for 
Apple  products.  Any  iOS  features  have  been,  or 
will  be,  ported  over  to  the  Android  framework. 

What’s  more,  Android  can  leverage  a  wealth  of 
enterprise  J2EE  back-end  services,  whereas  iOS 
is  only  now  offering  enterprise-focused  services. 
The  J2EE  standard  represents  a  collaboration 
between  leaders  from  throughout  the  enterprise 
software  arena  and  Android  can  take  advantage 
of  existing  J2EE  architecture  by  using  native  con¬ 
nectivity  to  back-end  Web  services,  enabling  the 
development  team  to  focus  mainly  on  the  mobile 
application’s  user  interface. 

►  Sec  Android, page 22 


iOS  is 
the  only 
choice 


Jeffrey  Berthiaume,  vice 
president  of  technology 
at  MEDL  Mobile 


Which  platform 
is  better? 


Android  —  55% 


iOS-45% 


Cast  your  vote  and  see 
comments  at 
tinyurl.com/cgnxjyv 


Android 

provides 

Stall 


Dennis  Baliton,  senior 
app  manager  at  MEDL 
Mobile 
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INTRODUCING  BLACKBERRY  MOBILE  FUSION. 

Now  all  personal  and  corporate-owned  BlackBerry 
iOS  and  Android  devices  can  seamlessly  access 
business  data  and  applications  on  a  single, 
secure  management  platform.  To  find  out  how 
this  new  approach  will  end  mobile  chaos,  visit 
blackberry.com/mobilefusion 


BlackBerry 

Be  Bold 


i  techdebate 


►  iOS ,  from  page  20 

management  of  devices  (via  over-the-air  policy  enforcement),  the 
network  (via  SSL/TLS),  local  data  (via  built-in  hardware  encryp¬ 
tion)  and  platform  security,  which  “sandboxes”  each  application  so 
data  cannot  be  transferred  or  accessed  by  the  wrong  application. 

■  Exchange  ActiveSync,  LDAP  and  CardDAV:  Corporate  direc¬ 
tory  information  can  be  accessed  through  the  iOS  contacts  app 
through  Exchange  ActiveSync  as  well  as  open-source  LDAP-  and 
CardDAV-enabled  accounts.  In  fact,  iOS  can  be  used  to  integrate 
with  any  standards-based  mail  and  calendar  environment. 

■  VPN/SSL  VPN:  Depending  on  what  is  implemented  internally, 
enterprise  users  can  access  their  private  corporate  networks  using 
IPSec,  SSL  VPN  or  WPA2  Enterprise  Wi-Fi. 

■  Product  life  cycle:  iOS  updates  have  historically  supported  cur¬ 
rent  devices  as  well  as  those  introduced  in  the  last  two  to  three 
years.  Android  devices  are  at  most  “compatible”  with  each  other, 
and  even  different  devices  with  the  same  version  of  the  OS  might 
still  perform  differently. 

■  Remote  configuration:  iOS  devices  can  be  remotely  configured  to 
handle  changes  in  mail  settings,  Wi-Fi  settings  (both  internal  and 
public),  parental  controls  and  application  installs  (both  from  the 
company  and  from  the  App  Store),  and  manage  other  enterprise 
access  restrictions  (such  as  disabling  app  installations,  or  blocking 
applications  such  as  YouTube  or  Facebook).  Remote  deployment  of 
in-house  apps  is  also  supported.  In  contrast,  each  type  of  Android 
device  would  need  to  be  configured  and  supported  internally  — 
and  with  the  different  vendors  (HTC,  LG,  Samsung,  etc.)  as  well  as 
mobile  providers  (Verizon,  AT&T,  Sprint,  T-Mobile,  etc.),  there  is  too 
large  a  universe  of  SKUs  to  evaluate  and  support. 

With  the  number  of  iOS  products  available  in  the  marketplace,  it 
makes  sense  for  IT  to  embrace  iOS  and  firmly  integrate  it  into  their 
enterprises’  needs.  The  Android  OS  is  too  fragmented,  potentially 
insecure,  and  simply  not  stable  enough.  9 


►  Android ,  from  page  20 

This  legacy  also  means  there  is  a  generation  of  traditional  Java 
developers  who  are  able  to  easily  transition  to  become  mobile 
Android  application  developers  by  simply  learning  the  Android 
framework  and  leveraging  free  development  platforms  and  docu¬ 
mented  libraries. 

Java  teams  have  long  been  spoiled  with  free  development  tools 
that  give  them  a  complete  development  environment,  and  a  basic 
Android  environment  can  be  set  up  by  downloading  the  Android 
SDK  and  tools  for  Eclipse  for  any  operation  system:  Windows,  Mac 
OS  or  Linux.  Everything  is  free  and,  with  a  little  bit  of  elbow  grease, 
you  can  get  up  and  running  in  about  an  hour. 

This  familiarity  with  Java’s  vast  array  of  libraries,  frameworks 
and  tools  allows  teams  to  reuse  existing  infrastructure  for  solv¬ 
ing  most  common  use  cases.  In  many  cases,  there  is  more  than 
one  good  choice  for  addressing  a  particular  need. 

Taken  together,  the  Java  base  makes  it  much  simpler  for  compa¬ 
nies  to  use  existing  infrastructure  —  database,  service  layer  and 
application  server  —  as  the  backbone  for  Android  applications. 

For  a  newcomer,  Android  has  already  garnered  an  incredible 
share  of  the  market  for  all  of  the  reasons  outlined,  and  it  still  has  a 
lot  of  room  to  grow.  This,  coupled  with  the  fact  that  Android  can  be 
run  on  multiple  types  of  hardware,  promotes  market  competition 
that  safeguards  against  monopolization  of  the  emerging  mobile 
device  markets,  and  spawns  creativity  among  hardware  and  soft¬ 
ware  companies. 

In  the  race  to  be  the  leader  in  mobile  operating  systems.  Android 
is  a  true  contender  with  its  ability  to  leverage  the  portability  of  Java 
and  the  strength  of  a  global  community  of  developers  with  its  open 
source  platform.  The  bottom  line  is  that  any  app  you  can  develop 
for  iOS  can  also  be  done  for  Android.  ■ 

CD  Send  Debate  Suggestions  to  jdix@nww.com 
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©  As  a  user  of  both  within  the  company 
(Android  smartphone  and  iPad),  the  only 
real  advantage  I  see  is  that  regardless  of 
the  service  provider/vendor  Apple  does 
a  great  job  in  providing  iOS  updates  in  a 
timely  manner.  With  the  Android,  even 
though  I  have  one  of  the  most  popular 
and  latest  phones,  the  wireless  provider 
refuses  to  provide  updates  (like  ICS)  until 
it  places  its  version  there,  which  typically 
hreaks  things.  If  it  tried  that  with  Apple  it 
would  get  told  to  take  a  hike!  GARY 
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Android  is  easier  to  learn 
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©  I  am  a  dedicated  mobile  developer, 
both  Android  and  iOS.  I  love  both  plat¬ 
forms.  Android  was  easier  to  learn  and 
supported' by  a  wide.variety  of  hosts.  iOS 
is  somewhat  more  difficult  to  work  with 
dud  to  the  tightly  controlled  development 


and  distribution  model.  Android's  strength 
in  diversity  is  now  a  serious  flaw  in  secu¬ 
rity.  Keylogging  software  is  no  more  just  a 
theory,  it’s  a  reality.  There  is  no  model  in 
place  for  updating  security  on  the  myriads 
of  customized  and  outdated  Android  roms 
now  live  in  the  field.  What  was  perceived 
as  Apple's  chokehold  on  development  is 
now  its  salvation.  This  is  where  the  tightly 
controlled  iOS  platform  wins,  and  Android 
loses. CHARLEY  JONES 


Java  is  not  a  differentiator 


©  I  read  this  article  right  after  seeing  a 
demo  of  iOS  management  suite.  It  wasn't 
as  robust  as  desktop  management  and 
isn't  everything  I  think  one  needs  for  the 
enterprise  but  it  is  a  start.  Now.  the  com¬ 
mentaries:  Berthiaume  listed  many  of  the 
features  that  he  believes  makes  iOS  more 
enterprise  ready.  Baliton  countered  that 
Android  is  more  common  and  uses  Java. 


In  other  words,  Berthiaume  listed  actual 
advantages.  Baliton  listed  a  tool.  And  it  is 
also  a  poor  tool  to  differentiate  yourself 
with  when,  even  though  Android  has  more 
installations,  it  still  lags  in  apps  and  devel¬ 
opment.  MICHAEL  LAMPHAM 


iOS  has  been  far  simpler 


©  I  love  Android.  I  use  it  for  my  personal 
devices  and  like  it  far  better  than  iOS. 

For  managing  devices  in  the  enterprise, 
however,  iOS  has  been  far  simpler  with 
better  capabilities.  The  policies  are 
more  polished,  there  are  more  options 
for  managing  apps,  deployment  of  the 
devices  are  easier,  there  are  fewer  gotchas, 
etc.  We  will  deploy  Android  devices 
as  well  (as  the  platform  matures)  but 
iOS  is  just  better  in  almost  every  way 
right  now  (for  business  purposes)  and 
therefore  we  are  recommending  them 
almost  exclusively.  CHRIS  FRICKLE 
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DESKTOP  ASA  SERVICE ( D A AS) 

Consider  desktops  in  the  cloud  for  BYOD 

Five  DaaS  vendors  deliver  Windows  desktops  to  any  end  user  device 


BYTOM  HENDERSON 

Desktop  as  a  service  is  an  interesting  way  for  IT 
execs  to  provide  cloud-based  Windows  desk¬ 
top  sessions,  as  well  as  shared  resources  such 
as  storage.  DaaS  can  help  companies  roll  out 
new  desktops  and  support  bring-your-own- 
device  policies. 

DaaS  or  hosted  virtual  desktop  (HVD)  providers  offer 
a  pristine,  policy-controlled  session  (either  persistent  or 
ad  hoc)  that  can  be  accessed  by  a  wide  variety  of  devices. 
If  you  have  a  new  iPad  and  a  Bluetooth  keyboard,  you’re 
in.  Mac?  You’re  in.  An  old  and  wheezing  Windows  XP 
patched-to-death  machine?  You’re  in.  The  machine  used 
to  access  a  DaaS  session  is  largely  irrelevant  to  the  ses¬ 
sion’s  use,  which  can  be  for  standard  “office”  functions,  or 
as  part  of  an  application-specific  setup. 

The  products  we  tested  ranged  from  simple  to  compre¬ 
hensive.  All  of  the  DaaS  service  providers  in  our  test  — 
Desktone,  dinCloud,  ICC  Global  Hosting,  Applications2U 
and  Nivio  —  used  a  Citrix  infrastructure  to  provide  desk¬ 
top  sessions.  But  each  of  them  arrived  at  their  product 
offering  from  a  different  perspective,  and  sometimes,  with 
a  different  attitude. 

For  this  test,  we  accessed  cloud-based  sessions  in  three 
different  ways:  Comcast  residential  broadband,  Comcast 
“business”  broadband  (higher  data  rate),  and  through 
several  different  VM  configurations  via  our  data  center 
installation  at  nFrame  in  Carmel,  Ind. 

We  liked  Nivio  for  its  very  simple  configuration.  And 
Nivio’s  “happiness  messages”  (headers  and  banners 
that  customers  could  configure  with  their  own  slogans) 
showed  that  it  wants  to  appeal  to  more  than  just  stodgy 
geek-types.  DinCloud  had  strong  and  fast  performance. 

Desktone  was  highly  configurable.  ICC  Global  Hosting 
(ICCGH)  had  a  strong  vertical  application  feel,  and  Appli- 
cations2U  seemed  targeted  toward  independent  software 
vendors  (ISV)  and  application  providers  that  prefer  an 
entire  desktop  offering  rather  than  just  a  Web-based  app. 

Some  of  the  service  providers  in  this  test  have  an  involved 
customer  intake  process  (Desktone,  dinCloud  and  ICCGH), 
while  others  were  more  like  “desktops  on  the  hoof”  (Appli- 
eations2U  and  Nivio).  The  intake  process  is  important  for 
several  reasons,  as  the  number  of  decisions  that  need  to  be 
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Product  Applications2U  Desktone  dinCloud  ICC  Global  Hosting  Nivio 


Pros 


Cons 


Hosted  desktop  Good  portal-based  Quest  vWorkspace  Very  fast,  easy  local  Has  a ‘retail’ feel,  ad 

or  Windows  Apps;  administration;  easily  access  offered  resource  control  hoc  spontaneous 

backup/hot-site  managed  instance  good  control;  very 

resources  available  configuration  fast  response 

Lacks  strong  password  Lacks  strong  password  None  Plain  vanilla  experience  Took  the  longest  to 

enforcement  enforcement  load  a  session 


Prices  are  changing  quickly;  refer  to  vendor  websites.  Most  vendors  have  a  setup  cost  and  per-desktop  cost,  with  added  possible  costs 
for  additional  features  and  applications.  Pricing,  we  found,  is  usually  transparent. 
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made  prior  to  deployment  require  planning 
and  thought. 

We  could  only  find  support  for  hosted 
Windows  (Windows  7  and  Windows  2008 
R2  “terminal”)  sessions.  You  can’t  find  Mac 
OS  because  of  Apple’s  licensing  constraints, 
and  hosted  Linux  sessions  are  difficult  to  find. 

In  terms  of  productivity  applications, 
most  of  the  vendors  could  supply  Microsoft 
Office  and  SharePoint.  They  also  expressed 
a  willingness  to  brand  DaaS  desktops  with 
organizational  logos,  “stock”  applications 
and  resource  links,  as  well  as  to  negotiate 
pre-loaded  software  for  both  persistent  and 
ad  hoc  sessions. 


SCORECARD  iimiiimiiiiiimmiiimiiiiiiimif  miimiiiiiiiiiiiiiiii 


Product 

Applications2U 

Desktone 

dinCloud 

ICC  Global 
Hosting 

Nivio 

Client  Options  (25%) 

4 

4 

4.5 

4 

4 

Management  (25%) 

5 

4.5 

4.5 

4 

4 

Compatibility  (25%) 

4 

4 

4 

4 

4 

Speed  *(25%) 

4 

5 

5 

5 

5 

Total 

4.25 

4.37 

4.5 

4.25 

4.25 

*  Subjectively  measured  by  observations  from  broadband-connected  devices, 
as  well  as  VMs  connected  via  our  NOC  at  hosted  provider  nFrame. 


How  DaaS  works 

In  the  simplest  form,  DaaS  is  like  Remote 
Desktop  Protocol  (RDP),  Virtual  Network 
Computing  (VNC)  and  similar  provision¬ 
ing  that  dates  back  to  the  pcAnywhere  days, 
where  you  got  screen,  keyboard  and  mouse 
(at  minimum)  connected  to  another  computer. 

Today’s  iteration  is  virtual  desktop  infra¬ 
structure  (VDI),  which  includes  the  basics, 
plus  sound,  local  drive  and  local  ports  (like 
USB).  VDI  can  be  accomplished  on-premise 
or  in  the  cloud. 

DaaS  service  providers  are  the  gateway  for 
cloud-based  connectivity,  which  includes  vir¬ 
tualized  desktop  sessions  and  applied  admin¬ 
istrative  constraints.  The  selling  points  are 
hosted  external  applications,  shared  storage 
resources,  joining  DaaS  resources  as  exten¬ 
sions  of  an  existing  (or  new)  Active  Directory 
infrastructure,  and  extended  device  compat¬ 
ibility  in  a  BYOD  scenario. 

Here  are  the  individual  reviews: 

Desktone 

esktone  uses  Citrix  components  mixed 
with  its  own  desktop  portal  and  man¬ 
agement  infrastructure.  The  Citrix  pieces, 
including  session  access  applications  like 
Citrix  Receiver,  give  remote  users  choices  for 
what  kind  of  device,  such  as  a  Mac  or  a  Win¬ 
dows  XP  client,  might  be  compatible  with  a 
Desktone-hosted  Windows  7  session. 

Hosted  sessions  can  reside  in  an  isolated 
Active  Directory  or  workgroup  environment, 
or  could  be  connected  via  a  VPN  (many 
types  are  supported)  linking  Desktone’s 
provisioned  desktops  and  network  with  a 
customer  network. 

VPN  connectivity  can  be  problematic 
because  of  the  varying  types  of  VPNs  possi¬ 
ble.  Those  connected  with  firewall  and  VPN 
appliances  are  said  to  be  the  most  easily  (and 
quickly)  deployed. 


The  customer  intake  process  revolved 
around  deciding  on  networking  characteris¬ 
tics,  choosing  different  hosted  desktop  vari¬ 
ants  based  on  an  average  installation,  then 
upgrades  to  hosted  sessions  based  on  mem¬ 
ory,  disk  and  number  of  CPUs  (up  to  four)  that 
would  be  hosted  on  Desktone’s  cloud,  which 
consists  largely  of  blades  in  a  multi-tenant 
environment. 

Like  several  other  DaaS  service  providers 
we  tested,  Desktone  has  an  administrative 
portal  application  to  manage  DaaS  operations 
security  and  asset  formation  (making  custom¬ 
ized  versions  of  Windows  7  for  DaaS  access). 
Also,  like  other  DaaS  service  providers  tested, 
we  found  we  could  join  our  Active  Directory 
network  logon  characteristics  if  needed;  a  net¬ 
work  “join”  is  available  for  VPN  purposes,  too. 

The  Desktone  portal  allowed  us  to  check 
site  configuration,  desktop  asset  distribution 
and  pools,  which  are  aggregations  of  resource 
groupings.  Pools  allowed  us  to  differentiate 
RDP-connected  machines  by  resources,  like 
local-to-session  clipboard,  drive,  printer, 
smartcard  or  COM  port  connectivity. 

Dividing  pools  in  this  way  allows  an  orga¬ 
nization  to  create  Active  Directory  pools,  then 
to  differentiate  between  persistent  and  non- 
persistent  sessions,  and  then  to  aggregate 
local  resources. 

Desktone  provides  the  ability  to  try  the 
instances  prior  to  deployment  by  administra¬ 
tively  accessed  instances  that  use  Windows 
Sysprep. 

The  landing  URL  (the  starting  page  that 
clients  access  via  a  browser)  can  be  custom¬ 
ized  with  organizational  logos  and  imprints. 
It’s  also  possible  to  link  to  third-party  trouble- 
ticket  applications  and  systems  management 
applications.  We  found  out  about  Desktone 
through  an  announcement  by  Quest  Soft¬ 
ware  that  its  applications  will  soon  be  able 


to  resource-manage  Desktone’s  portal  and 
DaaS  resources  under  its  “umbrella.” 

The  Citrix  infrastructure  helps  expand 
accessibility;  common  desktop  operating  sys¬ 
tem  browser  connections  are  available,  as  well 
as  various  Citrix  Receiver  clients  for  devices 
ranging  from  iOS  and  Android  through  Linux, 
Mac  OS  and,  of  course,  older  and  newer  ver¬ 
sions  of  Windows.  This  would  also  hold  true 
for  other  DaaS  service  providers  we  tested. 

The  Desktone  speed  was  very  good  in  our 
light  performance  testing,  and  we  encoun¬ 
tered  no  difficulties  using  Windows  7 
instances.  We’d  like  to  see  stronger  password 
and  smartcard  use,  as  we  could  change  pass¬ 
words  to  those  easily  cracked  by  dictionary 
attacks,  although  passwords  are  wrapped  by 
the  default  HTTPS  session  encryption. 

Desktone  was  fast  and  easy  to  provision, 
made  easily  accessible  by  the  largely  Citrix- 
based  connectivity  infrastructure.  Perfor¬ 
mance  was  good,  and  extensibility  to  existing 
networks  should  be  simple. 

dinCloud 

he  dinCloud  client  is  vWorkspace  from 
Quest  Software.  On  Windows  clients, 
that  means  Flash  is  used,  although  there  are 
other  client-types  that  don’t  use  Flash,  like 
the  iPads  and  other  devices  under  iOS  and 
Linux.  The  vWorkspace  software  gave  us  a 
rapid  access  under  Windows  7,  but  requires  a 
few  user-side  settings  (that  can  be  scripted,  if 
you’re  gifted)  on  other  platforms.  The  results, 
however,  are  pretty  spectacular  for  users. 

If  you’ve  used  Windows  7  on  a  desktop  or 
notebook,  subject  to  your  connection  speed, 
you  get  an  identical  experience.  Our  connec¬ 
tion  was  fast,  and  it  was  difficult  to  tell  that  it 
wasn’t  the  resident  host  operating  system  on 
our  clients.  The  caveat  is  that  we  have  a  strong 
broadband  connection  and  couldn’t  detect  any 
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How  desktop-as-a-service  works 

Hosted  virtual  desktops  connect  to  a  next-gen  data  center  in  the 
cloud,  which  delivers  desktop  apps  and  storage  to  enterprise  devices. 


Hosted 

virtual 

desktop 


latency  at  all.  Those  with  slower  connections  or 
congestion  may  experience  weaker  response. 
Those  searching  for  a  remotely  hosted  Win¬ 
dows  7  session  that  feels  like  a  hypervisor- 
based  Windows  7  session  will  be  pleased. 

The  administrative  experience  for  din- 
Cloud  is  very  simple,  and  it’s  not  for  civilians, 
although  civilians/users  can  be  given  policy- 
controlled  choices.  DinCloud  presented  us 
with  an  organizational  URL  and  a  base  set 
of  users;  then  we  were  required  to  update 
to  Adobe  Flash  Player  10+.  The  yourorg.din 
Cloud.com  landing  URL  was  called,  a  link 
was  provided  and  the  sessions  began. 

The  vWorkspace  client  supports  RDP,  ICA 
and  even  VNC  (although  potentially  unen¬ 
crypted)  access  protocols,  and  logged  us  on 
quickly,  but  it  took  a  bit  of  work  to  get  Firefox 
11  working;  IE8/9  worked  easily  to  access 
sessions. 

The  Quest  vWorkspace  client  supports 
device  sharing;  it’s  possible  to  administra¬ 
tively  permit/allow  sharing  of  local  drives, 
printers,  COM  ports,  smartcards,  USB 
devices  (where  Windows  7  supports  them), 
“universal  printers”  (print  to  PDF,  etc.),  micro¬ 
phone  and  interactive  clipboard  contents. 
Screen  sizes  can  be  autosized  or  forced  to 
default  geometry.  We  could  also  set  perfor¬ 
mance  optimizations  and  add  various  speed 
enhancements,  including  media  player  redi¬ 
rection  (Windows  Media  Player  pops  up 
locally,  if  available,  rather  than  needing  to 
drag  it  through  the  session  connection). 

Overall,  dinCloud  was  fast,  and  the  intake 
process  was  professional  and  showed  skills 
at  varying  architectural  possibilities.  If 
we  wanted  to  rapidly  join  a  flock  of  policy- 
enforced,  yet  generic  Windows  7  desktops 
together,  dinCloud  would  be  our  choice. 

Nivio 

he  Nivio  experience  was  different  than  the 
other  DaaS  providers,  following  a  model 
that’s  very  retail-like  on  the  surface,  but  had 
some  depth  of  configuration.  Based  on  Citrix 
XenServer,  Nivio  used  a  commodity-based 
session  model  for  its  desktop  services.  You 
can  get  persistent  or  non-persistent  sessions, 
rent  or  license  apps,  and  use  the  session- 
spawned  “nDrive”  to  save  and  collaborate 
pre-loaded  or  production  data  among  groups 
of  users.  The  feel  of  Nivio  is  more  ad  hoc  and 
spontaneous.  There’s  an  “nApps”  store,  an 
organizational  URL  yourorg.niv.io,  and  the 
nDrive.  The  “n”  theme  was  catchy;  some  will 
find  it  gets  old  to  them. 

Nivio  doesn’t  provision  standard  Windows 
7  sessions.  Instead,  we  got  terminal-server¬ 
like  sessions  running  on  Windows  2008 
R2  Server.  Nivio  uses  Ericom  AccessNow 


2  graphics  acceleration  server  for  HTML5 
graphics  speed  enhancement,  a  product  we 
saw  in  a  prior  edition  (and  earlier  stages)  in 
our  coverage  of  VDI  server  infrastructure. 

Nivio  eschews  typical  Citrix  XenServer 
client  infrastructure,  and  used  Adobe  Flash- 
based  browser  access  or  HTML5  browser 
access.  Flash  adds  compatibility  but  at  the 
potential  sacrifice  of  non-Flash  client-types  — 
but  it’s  possible  to  use  an  HTMLS-compatible 
browser  (apparently  IE9  is  incompatible  with 
Nivio’s  software)  to  log  on  to  a  virtual  Nivio 
session.  We  ran  into  some  access  problems 
with  Firefox  11,  but  Nivio  proved  to  us  that 
there’s  a  bug  in  Firefox  11  in  which  mixed 
SSL-encrypted  and  non-encrypted  data  aren’t 
correctly  handled  from  their  perspective;  per¬ 
haps  it’s  fixed  by  the  time  you  read  this,  but 
we  found  the  portions  of  the  session  used 
were  encrypted  correctly,  just  not  reported  by 
Firefox  as  encrypted. 

The  sessions  are  hosted  in  turn  on  a  Win¬ 
dows  2008  R2  server,  terminal  server-style. 
The  sessions  were  highly  policy  controlled, 
but  contained  a  full  payload  of  standard-issue 
Microsoft  Office  apps.  If  you  use  Windows, 
you’re  in  Windows  and  no  retraining  ought 
to  be  required  to  make  use  of  the  Citrix  Win¬ 
dows  session  UI. 

The  Nivio  nApp  offerings  were  divided 
into  several  categories,  including  free  and 
rentable.  While  the  list  wasn’t  very  long,  we 
found  its  inclusion  interesting  in  the  face  of 


other  application  stores  like  iTunes  or  Google 
Apps  Marketplace.  If  you  want  to  use  free 
office  applications,  several  choices  are  avail¬ 
able,  as  well  as  familiar  Microsoft  Office  at  a 
rental  price. 

In  use,  Nivio  was  the  longest  to  load  a  ses¬ 
sion  unless  it  was  a  persistent  session  (which 
still  takes  a  little  time  to  set  up).  That  said,  the 
length  of  time  was  less  than  half  a  minute, 
and  sessions  performed  well  according  to 
the  benchmark  we  used.  Nivio  has  a  youthful 
appeal  to  it  that  betrays  its  depth  of  configura¬ 
tion.  It  was  refreshing. 

ICC  Global  Hosting 

ICC  Global  hosts  a  number  of  line-of-busi- 
ness  applications  for  a  variety  of  ISVs  and 
says  its  “sweet  spot”  is  sessions  for  five  to 
500  users.  Like  others  in  our  DaaS  testing, 
ICCGH  uses  Citrix  infrastructure,  and  after  a 
customer  intake  and  provisioning  process,  we 
logged  on  to  Citrix  XenApp. 

As  with  others  that  we  tested,  Citrix 
XenApp  provisioned  us  with  a  Windows 
2008  R2  “terminal”  session,  and  it  was 
extraordinarily  fast,  due  to  a  short  four-hop 
connection  between  our  facilities  in  Bloom¬ 
ington  and  from  nFrame,  our  hosting  facil¬ 
ity  in  Carmel,  Ind.,  and  their  sites  in  Atlanta 
and  eastern  Kentucky.  Others  may  have  our 
experience  depending  on  their  connectivity. 
The  XenApp  software  is  available  for  a  vari¬ 
ety  of  Windows  and  Mac  hosts,  and  we  found 
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How  we  did  it 

We  noted  the  customer  intake  procedures  for  each  of  the  five  DaaS  ven¬ 
dors,  focusing  on  what  options  and  what  type  of  process  were  used.  We 
set  a  platform  consisting  of  several  Windows  7  virtual  machines,  as  well 
as  a  Lenovo  T520  running  native  Windows  7,  another  T520  running  Linux  Mint  2, 
and  three  MacBooks  running  Mac  OS  5,  6  and  7  respectively,  as  well  as  an  Apple 
iPad  running  iOS  5. 

We  downloaded  the  client  software,  usually  Citrix  Receiver  (see  individual  product 
descriptions),  then  configured  the  clients.  Our  virtual  machines  accessed  sessions 
that  we  spawned  using  our  network  operations  center  at  nFrame,  which  hosted  the 
Windows  7  client-sessions  atop  VMware  ESXi,  through  an  Extreme  Networks  switch, 
and  nFrame’s  GBE  backbone.  Clients  in  our  lab  accessed  sessions  via  our  Comcast 
1.5Mbps  broadband  connection. 

We  noted  the  application  software  payloads  available,  and  asked  for  Micro¬ 
soft  Office;  in  all  cases,  MS  Office  2010  was  provisioned.  We  edited  documents 
embedded  with  .jpeg  pictures  and  noted  how  smooth  the  DaaS  session  scrolling 
was  through  embedded  .jpegs  and  other  graphics.  All  had  approximately  the  same 
smooth  scrolling.  We  then  noted  any  special  shared  storage  capability,  and  tested 
the  storage  by  storing  and  reloading  files  that  we’d  uploaded. 


all  of  them  —  Mac  OS,  Linux,  Windows  and 
Android,  via  Citrix  Receiver,  equally  featured 
in  terms  of  resource  sharing  and  speed. 

After  an  initial  provisioning  exchange,  we 
were  given  a  URL,  logon  and  initial  pass¬ 
words.  From  there,  all  was  lightning  fast, 
and  the  plain-vanilla  Windows-over-Citrix 
experience.  ICCGH  was  otherwise  fastidious 
regarding  building  up  the  provisioned  desk¬ 
tops  quickly,  and  has  experience  in  multi¬ 
tenant,  ISV  environments. 

ICCGH  also  has  experience  in  putting 
together  a  variety  of  Active  Directory  envi¬ 
ronment  extensions,  or  isolated,  server-based 
authentication  mechanisms  through  the  use 
of  VPNs.  A  number  of  VPN  configurations 
are  supported,  including  IPSec,  GRE  and 
PPTP,  that  allow  “islands”  of  resources  to  be 
connected  (or  not)  for  extension,  isolation 
or  application-specific  off-premises  pools  of 
resources. 

Like  other  DaaS  provider  services  tested, 
ICCGH  can  make  available  local  resources 
such  as  disk  storage,  USB,  printers,  etc.,  or 
otherwise  control  them  through  either  cus¬ 
tomer-supplied  policies  or  those  imposed 
by  Active  Directory  connections.  Microsoft- 
savvy  admins  will  feel  at  home. 

Applications2U 

The  Applications2U  (A2U)  environment 
is  also  underpinned  by  Citrix  infrastruc¬ 
ture,  and  downloads  Citrix  Receiver  on  initial 
access  for  users.  There  are  a  wide  variety  of 
compatible  Citrix  Receiver  clients  available  — 
meaning  Windows  machines,  Macs,  iOS  and 
Android;  some  of  the  clients  are  more  diffi¬ 
cult  to  install  than  others,  but  Windows  and 
Apple  users  shouldn’t  have  much  problem. 

Applications2U  with  Citrix  Receiver  allows 
a  fully  virtualized  desktop  experience,  and/or 
allows  only  Windows-compatible  applica¬ 
tions  to  be  accessed.  The  apps-only  experience 
is  A2U’s  secret  sauce  (a  version  of  XenApp  is 
also  offered  by  ICCGH  that  provides  a  similar 
service),  and  it’s  done  well.  Using  the  Receiver, 
remote  applications  can  be  launched  on  a 
Receiver-launched  device,  rather  than  an 
entire  Windows  7-ish  desktop.  This  permits 
“foreign”  applications  to  run  wherever  com¬ 
munications  and  security  mandates  permit. 

Receiver- launched  applications  could  be  a 
simple  Excel  spreadsheet,  an  SAP  application, 
something  .Net,  or  whatever  might  run  on  the 
hosted  virtual  session,  in  isolation  from  most 
of  what  happens  on  the  client-side  environ¬ 
ment.  The  DaaS  is  in  the  cloud,  or  just  a  cloud- 
hosted  application  within  A2U  construct. 

While  Applications2U  stresses  managed 
service  provider  (MSP)  services,  we  confined 
our  use  and  testing  to  application  and  hosted 


virtual  desktop  use.  A2U  uses  SunGard  as  its 
hosting  facility.  The  customer  intake  process 
was  poised  toward  setting  up  extensions  of 
existing  resources,  but  also  duplication  of 
internal  infrastructure  for  use  as  disaster 
recovery  “hot  site”  use,  or  other  alternate  use. 

Like  other  Citrix  infrastructure  tested, 
A2U  allows  resource  sharing,  local  or  A2U- 
hosted.  Like  Nivio,  the  A2U-based  storage 
can  be  group-shared,  we  found,  as  well  as 
policy-enforced  (optional)  local  resource 
sharing,  drives,  printers  and  the  like.  In  test¬ 
ing,  configuration  and  deployment  was  fast, 
and  responsiveness  was  very  good.  The  A2U 
cloud-hosted  sessions  were  quick,  and  we 
were  reminded  of  our  Desktone  experience. 

We  did  not  extensively  test  hosted  applica¬ 
tions,  and  we  did  not  try  to  pen-test  applica¬ 
tions  hosted  via  the  virtualization  provided 
by  the  Citrix  Receiver  application.  Apps 
hosted  by  A2U  have  moderate  isolation  from 
whatever’s  going  on  in  the  client’s  hardware 
and  OS  environment,  but  application  ses¬ 
sions  may  be  subject  to  client-side  keyloggers 
or  other  entrapments  that  might  make  them 
insecure.  However,  we  could  find  no  current 
CVE  notes  that  portend  that  Microsoft  Office 
applications  are  remotely  exploitable  when 
hosted  elsewhere  from  a  virtualized  access. 
Only  the  client  host,  via  Citrix  Receiver, 
receives  an  infection  vector.  Applications  vir¬ 
tualized  by  A2U  aren’t  necessarily  immune 
from  BYOD  connection  malware.  Communi¬ 
cations  to  A2U  hosted  components  were  fast, 
and  logon  to  A2U  resources  was  equally  fast. 

Applications  can  be  placed  in  user  desktop 


menus  like  other  applications,  and  only  pos¬ 
sible  latencies  betray  the  remote  execution  of 
the  application. 

We  found  Applications2U  both  resource¬ 
ful  and  responsive.  Like  ICCGH,  A2U  seems 
targeted  toward  larger  organizations  and  ver¬ 
tically  integrated  Windows  applications  and 
the  experience  was  both  efficient  and  drama- 
free.  We  like  that. 

Overall 

While  it  seemed  as  though  we  were  reviewing 
Citrix  DaaS,  we  found  much  differentiation 
among  the  vendors.  Desktone  and  dinCloud 
were  easily  provisioned  and  fast.  Applica- 
tions2U  had  a  bit  of  useful  option  shock,  but 
also  the  secret  sauces  of  application  virtualiza¬ 
tion  specialties,  as  well  as  ready-made  options 
for  alternate/hot-site  capabilities.  Nivio  had 
HTML5  access  going  for  it,  and  had  our  vote 
for  something  that  was  actually  “fun.”  ICCGH, 
like  Applications2U,  performed  well. 

A  final  word  of  caution 

Three  of  the  five  service  providers  we  tested 
had  issues  with  TLS/SSL  certificates.  All  the 
issues  that  we  ran  into  were  corrected  quickly. 
Administrators  are  cautioned  to  initially,  then 
randomly  check  for  TLS/SSL  certificate  valid¬ 
ity  (and  correct  chain  of  certificate  authority) 
when  accessing  through  browsers.  ■ 

Henderson  is  managing  director  for 
ExtremeLabs,  of  Bloomington,  Ind. 

Henderson  can  be  reached  at  kitchen-sink@ 
extremelabs.com. 
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Patch  cords  are  the  weakest  link  in  datacenter  cabling. 
At  Cablesys,  our  mission  is  to  make  it  the  strongest 


We  offer  11  colors,  20  lengths,  fiber,  copper,  CAT  5e,  6,  6A,  10G,  40G,  100G, 
custom  labeling,  bundling  and  kitting.  We  have  millions  in  stock  that 
can  be  shipped  same  day  and  best  of  all,  20%  less  than  name  brands. 

We  help  thousands  of  integrators  with  custom  tailored  patching  solutions 
so  they  can  focus  on  what's  important  -  their  network.  Give  us  a  try,  and 
you  will  be  surprised  how  easy  it  is. 
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What's  at  risk  if  bad  power  damages 
vour  business  network? 


Only  APC  Back-UPS  delivers  unsurpassed 
power  protection  and  real  energy  savings. 

Today's  cost-saving  Back-UPS 

For  years  you’ve  relied  on  APC  Back-UPS™  to  protect  your  business  from  expensive 
downtime  caused  by  power  problems.  Today,  the  reinvented  Back-UPS  does  even  more. 
Its  highly  efficient  design  noticeably  reduces  energy  use,  so  you  start  saving  money  the 
minute  you  plug  it  in.  Only  APC  Back-UPS  guarantees  to  keep  your  electronics  up  and 
your  energy  use  down! 

Unique  energy-efficient  features 
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reduce  power  consumption  when  power  is  good  and  extend  runtimes  when  the  lights 
go  out.  Together,  these  power-saving  features  eliminate  wasteful  electricity  drains,  saving 
you  about  $40  -  $50  a  year.  And  managing  today’s  Back-UPS  couldn’t  be  easier  thanks 
to  an  integrated  LCD  that  provides  diagnostic  information  at  your  fingertips. 

Trusted  insurance  for  all  your  business  needs 

The  award-winning  Back-UPS  provides  reliable  power  protection  for  a  range  of 
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external  storage.  The  reinvented  APC  Back-UPS  is  the  trusted  insurance  you  need  to  stay 
up  and  running  and  reliably  protected  from  both  unpredictable  power  and  energy  waste! 
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Keep  your  electronics  up 
and  your  energy  use  down! 


Back-UPS  models  are  available  with  the  features  and  runtime 
capacity  that  best  suit  your  application,  and  many  models  have 
been  designed  with  power-saving  features  to  reduce  costs. 
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features.  Power-saving  outlets  automatically  shut  off  power  to  unused  devices 
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►  Social ,  from  page  1 

But  the  Bob’s  Stores  Facebook  site,  espe¬ 
cially,  needs  constant  attention  for  security 
reasons  because  fraudsters  have  been  known 
to  attempt  to  lure  visitors  to  “various  traps 
anywhere  around  the  world,”  Baitch  says. 
“We  try  to  work  hard  to  make  sure  none  of 
our  customers  are  put  at  risk.” 

This  is  the  kind  of  danger  for  business  that 
comes  with  social  media,  says  Charles  Ren- 
ert,  vice  president  of  Websense  security  labs. 
“Video  lures”  have  become  one  of  the  biggest 
threats  on  social  media.  “It’s  all  about  social 
engineering  and  the  lures,”  he  says. 

While  Bob’s  Stores  uses  social  media 
to  draw  attention  to  sales  at  its  stores  and 
e-commerce  website,  for  instance,  the  apparel 
retailer  does  not  often  favor  its  employees 
using  social  media. 

The  acceptable-use  policy  the  company 
established  generally  prohibits  employee  use 
of  social  media  unless  the  job  function  calls 
for  it,  Baitch  says.  To  enforce  that,  Bob’s  Stores 
makes  use  of  the  Websense  security  gateway 
dubbed  Triton  to  block  employee  access  to 
Internet-based  social  media  via  the  corporate 
network  resources. 

Baitch  says  the  main  rationale  to  block 
employee  access  to  social  media  is  that  the 
company  would  appear  to  bear  legal  respon¬ 
sible  for  any  employee’s  wrongful  or  reck¬ 
less  behavior,  if  it  occurred,  if  the  employee 
were  using  the  company’s  network.  But  if  an 
employee,  aware  of  corporate  policy  making 
social  media  off  limits,  did  something  wrong 
using  their  own  network  resources,  the  lia¬ 
bility  risk  would  more  squarely  rest  on  the 
employee. 

Concerns  about  safeguarding  customer 
data  according  to  the  Payment  Card  Industry 
security  guidelines  also  influenced  the  deci¬ 
sion  by  Bob’s  Stores  to  keep  employees  off 
social  media.  The  company  is  so  concerned 
that  it  might  be  possible  to  get  by  the  Web¬ 
sense  gateway,  it’s  also  investigating  use  of 
whitelisting  technologies  to  lock  down  cor¬ 
porate  computers. 

Social  media  is  important  in  other  areas, 
such  as  sports,  too,  where  there  are  also  risks. 

“Social  media  is  big,  like  Twitter  and  Face- 
book,”  says  Bill  Bolt,  vice  president  of  IT 
for  the  Phoenix  Suns  NBA  team.  “And  now 
there’s  Google.”  It’s  now  common  practice 
to  interact  with  fans,  tweeting  team  news 
and  posting  video  interviews  with  the  team’s 
stars,  such  as  Jared  Dudley  and  Steve  Nash, 
or  selling  game  tickets  through  direct  interac¬ 
tion  online. 

But  when  big  playoff  games  are  scheduled 
between  competing  teams,  things  can  get 
pretty  wild  among  the  fans  on  all  sides.  “Some 


of  this  crosses  the  line,”  says  Bolt,  noting  the 
Phoenix  Suns  dedicate  resources  to  screening 
and  eliminating  expressions  of  virulent  hate 
or  verbal  abuse  coming  in  through  Facebook 
and  other  sources. 

Finding  the  right  balance  between  allow¬ 
ing  or  prohibiting  employees  to  use  social 
media  has  been  an  evolving  process  over  the 
years  for  many  businesses. 

At  Summa  Health  Systems,  the  health¬ 
care  provider  in  Akron,  Ohio,  the  network 
systems  engineer  there,  Mike  Wade,  says 
management  has  typically  viewed  social 
networking  for  employees  as  “wasting  time” 
or  a  potential  for  “mistakes.”  At  first  Summa 
Health  Systems  tried  blocking  it  through 
a  traditional  firewall,  which  didn’t  always 
work  since  “people  found  a  way  around  that.” 

Currently,  the  healthcare  group  uses  a 
Palo  Alto  Networks  next-generation  fire¬ 
wall  (NGFW),  setting  fine-grained  controls 
on  social  media  application  usage  for  each 
employee.  Policy  has  evolved  to  allow  human 
resources,  research  and  management  to  make 
some  use  of  social  media,  though  for  the  hos¬ 
pital  clinical  staff,  sites  such  as  Facebook, 
MySpace  and  Twitter  are  still  off  limits. 

Sensitivity  to  privacy  guidelines  in  the 
Health  Insurance  Portability  and  Account¬ 
ability  Act  regulation  plays  a  big  part  because 
if  any  information  about  patients  turned  up 
on  social-networking  sites,  that  could  be  a 
serious  legal  problem.  Summa  Health  Sys¬ 
tems  is  starting  to  make  use  of  a  “Web  DLP” 
function  in  the  Palo  Alto  NGFW  as  a  data- 
loss  prevention  function  to  monitor  for  out¬ 
going  patient  data  and  block  it.  The  hospital  is 
also  looking  at  deploying  desktop-based  DLP 
for  the  same  reason. 

Some  consultants  express  some  doubt 
that  technology  is  the  main  answer  to  keep¬ 
ing  employees  from  doing  foolish  or  wrong 
things  on  social  media  that  will  harm  their 
companies  or  themselves. 

Gary  Loveland,  principal,  national  secu¬ 
rity  leader  at  PricewaterhouseCoopers,  says 
the  chief  concern  about  social  networking  is 
that  sensitive  information  could  be  shared 
outside  on  social-networking  sites  when  it 
shouldn’t  be. 

But  just  setting  up  the  equivalent  of  a  cor¬ 
porate  blockade  to  social  media  is  a  “limited” 
approach  at  best,  he  says,  for  the  obvious 
reason  that  someone  can  get  to  Facebook  or 
other  sites  using  a  personal  mobile  device  ora 
home  network.  Security  education  of  employ¬ 
ees  from  the  day  they  are  hired  is  necessary 
to  drive  the  message  home  to  them  about 
the  risks  that  social  media  pose,  even  while 
businesses  monitor  sites  to  see  what’s  being 
said  about  the  company.  “It’s  about  coming  to 
grips  with  reality  on  this,”  Loveland  says.  ■ 


Top  concerns 

Forrester  Research  surveyed 
1,282  corporate  security 
decision  makers  about 
their  top  concerns 
regarding  employee  use 
of  social  media.  Below 
are  percentages  of  those 
decision  makers  con¬ 
cerned  about  the  fol 


LEGEND 

■■  Enterprise 

(1,000  or  more  employees) 

BHBB  Small  to  midsize  business  (SMB) 
(20-999) 

Very-small  business  (VSB)  (2-19) 


Data  leaks  that  can  expose  the 
organization  to  lawsuits  or  lost 
business 


Employees  posting 
inappropriate/embarrassing 
content  that  causes  brand 
damage 


Ensuring/asserting 
regulatory  compliance  in 

using  these  platforms 


SOURCE:  FORRESTER  REPORT: 
•UNDERSTANDING  LEGAL  AND  REGULATORY 
RISKS  IN  SOCIAL  MEDIA" 
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Microsoft:  Too  old  and  too  big  to  survive? 


WHAT  BROWSER  do  you  prefer?  According  to 
w3schools.com,  which  tracks  browser  usage 
of  people  interested  in  Web  technologies  and 
hence  more  likely  to  try  alternative  tools,  as  of  April  this  year,  38.3%  of 
us  preferred  Google’s  Chrome,  35.8%  went  with  Mozilla’s  Firefox,  and 
18.3%  were  still  using  Microsoft’s  Internet  Explorer  (Apple’s  Safari  and 
Opera  were  trailing  way  behind).  Over  the  last  year  IE  and  Firefox  have 
seen  their  shares  decrease  and  only  Chrome  has  gained  share. 

So,  will  these  trends  continue?  Will  Google  continue  to  gooble  up  the 
browser  market?  Ah,  gentle  reader,  you  might  think  so  or,  indeed,  hope 
so,  but  not  if  Microsoft  has  its  way. 

In  what  I  assume  are  the  first  steps  of  a  broader  world  domination 
strategy,  it  seems  Microsoft  has  decided  that,  under  Windows  RT  (a 
version  of  Windows  8  designed  for  the  ARM  architecture),  and  pos¬ 
sibly  under  Windows  8  on  x86  as  well  (according  to  Internet  Evolu¬ 
tion  (see  tinyurl.com/cwam7fk),  only  Internet  Explorer  will  be  able  to 
access  all  the  available  APIs  and  security  features. 

On  the  Mozilla  blog  a  post  by  Harvey  Anderson,  Mozilla  general 
counsel,  explained  the  situation:  “It’s  reported  that  Windows  RT  ... 
will  have  two  environments,  a  Windows  Classic  environment  and  a 
Metro  environment  for  apps.  However,  Windows  on  ARM  prohibits 
any  browser  except  for  Internet  Explorer  from  running  in  the  privi¬ 
leged  ‘Windows  Classic’  environment.  In  practice,  this  means  that  only 
Internet  Explorer  will  be  able  to  perform  many  of  the  advanced  com¬ 
puting  functions  vital  to  modem  browsers  in  terms  of  speed,  stability, 
and  security  to  which  users  have  grown  accustomed.  Given  that  IE 
can  run  in  Windows  on  ARM,  there  is  no  technical  reason  to  conclude 


other  browsers  can’t  do  the  same.” 

These  limitations  would  make  it  impossible  for  other  browsers  to 
do  things  like  use  plug-ins  and  extensions  that  aren’t  approved  of  by 
Microsoft.  Now,  given  how  rapidly  the  market  for  ARM-based  lap¬ 
tops  and  desktops  is  expanding,  this  could  seriously  impact  the  other 
browsers’  market  shares  as  well  as  completely  remove  anything  that 
might  look  like  user  choice. 

In  other  words,  Microsoft  would  be  quite  intentionally  and  trans¬ 
parently  stifling  competition  and  indulging  in  the  sort  of  anti-com- 
petitive  practices  that  caused  it  to  be  taken  to  court  by  the  European 
Union,  where  the  company  was  found  guilty  and  wound  up  paying 
an  enormous  fine. 

According  to  a  CNET  article,  Microsoft  Deputy  General  Counsel 
David  Heiner  justifies  this  move  by  arguing  that  ARM  processors 
have  new  security  and  power  management  features  and  Microsoft  is 
“the  only  one  who  can  meet  those  needs”  and  that  Windows  RT  “isn’t 
Windows  anymore.” 

This  is  quite  obviously  complete  nonsense  and,  when  you  combine 
that  with  other  Microsoft  moves,  such  as  canning  its  lame  “Windows 
Live”  branding  and  extending  its  ridiculous  $99  “Signature  Upgrade” 
bloatware  removal  service  to  Windows  8,  you  might  be  starting  to 
wonder  whether  Microsoft  is  entering  its  dotage.  Perhaps,  unlike  the 
banks,  Microsoft  hasn’t  become  too  big  to  fail  but  rather  too  old  and 
too  big  to  survive.  M 

Gibbs  is  hanging  on  in  Ventura,  Calif.  Your  survival  plans  to 
backspin@gibbs.com  and  follow  him  on  Twitter  (@quistuipater). 
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What’s  missing  from  the  iPhone  5  rumor  mill 


A  KEY  tenet  of  Apple  rumormongering  is 
that  Apple  history  repeats  itself  repeatedly: 
If  Apple  has  done  X,  Y  and  42  so  much  as 
twice  consecutively,  pundits  posit  that  Apple  will  do  X,  Y  and  42  a 
third  time. 

So  I’m  going  to  use  this  methodology  to  attempt  to  poke  holes  in  a 
solidifying  conventional  wisdom  that  Apple  will  announce  the  iPhone 
5  on  June  11  at  its  Worldwide  Developers  Conference. 

As  anyone  who  follows  the  industry  knows,  each  of  the  past  two 
iPhone  releases  has  been  preceded  by  a  prototype  of  the  upcoming 
model  disappearing  from  a  bar. 

An  iPhone  4  prototype  went  missing  on  March  18, 2010,  and  Apple 
officially  unveiled  the  model  on  June  7.  That’s  81  days  later.  An  iPhone 
4S  prototype  skedaddled  out  of  a  saloon  on  July  21, 2011,  and  Apple 
took  the  wraps  off  that  baby  on  Oct.  4.  Seventy-five  days. 

A  difference  of  a  mere  six  days.  Coincidence?  I  think  n ...  well,  work 
with  me  here. 

The  next  component  in  the  equation  is  the  elapsed  time  between  the 
loss  of  the  prototype  and  public  disclosure  of  same. 

The  loss  of  the  iPhone  4  prototype  was  not  revealed  publicly  until 
an  April  18, 2010,  story  by  Gizmodo:  32  days.  The  iPhone  4S  prototype 
was  quietly  MIA  until  an  Aug.  31, 2011,  story  by  CNET:  41  days. 

Close  again:  We  see  that  it  takes  the  press  an  average  of  36.5  days  to 
catch  wind  of  iPhone  prototypes  going  missing  from  bars. 

Which  brings  us  back  to  June  11  and  Apple’s  Worldwide  Developers 
Conference,  at  which  —  if  you  believe  a  growing  chorus  of  pundits  — 
there  is  expected  to  be  an  official  iPhone  5  announcement. 


Color  me  skeptical.  Unless  all  the  iPhone  5  prototypes  have  been 
surgically  implanted  into  the  forearms  of  those  Apple  employees  who 
have  them,  history  tells  us  that  one  went  missing  on  or  about  Feb.  27, 
which  means  the  news  story  should  have  been  published  in  early  April. 

Since  the  latter  didn’t  happen,  the  implications  are  clear:  Either 
Apple  has  gotten  much  better  at  suppressing  news  about  its  missing 
iPhone  prototypes.  Or  those  looking  for  an  iPhone  5  announcement  on 
June  11  are  going  to  be  sorely  disappointed. 

History’s  first  prank  phone  call 

Unless  it  turns  out  that  Alexander  Graham  Bell  didn’t  really  want 
to  see  Watson  —  that  he  was  just  goofing  on  the  guy  —  then  the  first 
documented  prank  phone  call  would  appear  to  have  occurred  about 
eight  years  after  that  famous  1876  exchange ...  and  at  the  expense  of  an 
undertaker  in  Providence,  R.I. 

This  nugget  of  telecommunications  history  comes  from  the  Feb. 
2,  1884,  edition  of  The  Electrical  World,  via  Google  Books,  and  was 
unearthed  by  Paul  Collins,  an  associate  professor  of  English  at  Port¬ 
land  State  University,  who  is  perhaps  better  known  as  The  Literary 
Detective.  The  passage,  highlighted  on  Buzzblog  last  week,  reads: 

“A  GRAVE  JOKE  ON  UNDERTAKERS  —  Some  malicious  wag  at 
Providence  R.I.  has  been  playing  a  grave  practical  joke  on  the  under¬ 
takers  there,  by  summoning  them  over  the  telephone  to  bring  freezers, 
candlesticks  and  coffin  for  persons  alleged  to  be  dead.  In  each  case  the 
denoument  was  highly  farcical,  and  the  reputed  corpses  are  now  hunt¬ 
ing  in  a  lively  manner  for  that  telephonist.” 

Who  knew  the  19th  century  had  its  own  Bart  Simpson?  ■ 
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